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TERRORISM 
TAXES IT 
PLANNING 


One-day stock trade 
settlements in doubt | 


New rules for financial 
firms to fore e upgrades 


BY PATRICK THIBODEAU 
AND LUCAS MEARIAN 
WASHINGTON 


BY LUCAS MEARIAN 
The events of Sept. ll 
| caused some financial services 


have 


Antiterrorism legislation 
cently signed by President 
George W. Bush eigen cs ADS rl likely 


to force financial 


services firms to in- AFTERMATH 


vest in new technol- 
ogy and upgrade older sys- 
tems. The law is designed to 
make it for law 
forcers to combat money laun- 
dering and track down and 
freeze terrorists’ assets. 

The legislation calls for reg- 


easier en- 


New Rules, page 16 | 


DISASTER PLANS 
AID N.Y. INSURER 


Trade Center tenant 


BY BOB BREWIN 
NEW YORK 


senior vice 


Kenny Klepper, 
president of systems, technol- 


ogy and infrastructure at Em- | 


pire Blue Cross Blue Shield, 


re- | 


| takes 


executives to question the via- 
bility of reducing the time it 
to stock market 
trades from three 
days to one. The $8 
billion industrywide 
“trade plus one day” initiative 
has been derailed by disaster 


settle 


| recovery considerations. 


The Securities Industry As- 
sociation last month 
the target date for the launch 
of T+1 from 2004 to June 2005, 

Stock Trades, page 16 


moved 


had just finished explaining 
last week how his company 
had quickly reconstituted its 


| systems after being blown out 
| of 10 floors in the World Trade 
| Center. Someone tapped dis- 
| creetly on his door. He stepped 
keeps systems running | 
| turned and 
| Computerworld interview. 


moment, then re- 
abruptly ended a 


out for a 


“We had to evacuate the data 
center on Staten Island due to 
anthrax,” he said. “And even 
though the data center is still 

Insurer, page 69 
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| predatory 
| and give competitors the free- 
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2001 # VOL SeNO. 458 ( 


tS BST elt) side 
Esa ue a ae 
realized that the bankrupt retail- 
er “didn't need a Ken Brame.” 


At bankrupt companies, IT professionals struggle when new projects 


sink and spending money evaporates. They g 


et depressed and wonder how 


much longer they’ll have jobs. That can present tough challenges, but for- 
ward-thinking IT managers like former Service Merchandise CIO Ken Brame 


can take steps to help their companies cope with Chapter Il. 
Story by Kim S. Nash begins on page 30. 


MICROSOFT, DOJ MAKE A DEAL; COMPETITORS CRY FOUL 


Court, gives states until 
Tuesday to weigh in 


BY PATRICK THIBODEAU 
AND CAROL SLIWA 

The Microsoft antitrust case is 
finally drawing to an end, 
terms that aren’t likely to have 


dom to offer rival products. 

But the case isn’t over yet. 
The 18 states that joined the 
DOJ’s pursuit of Microsoft are 


still deciding whether to ac- 


cept the Bush administration’s 


on 


a significant impact on corpo- | 
} answer. 


rate users or Microsoft Corp. 
The U.S. Justice Department 
Friday reached a settlement 


| with the software giant that it | 


said will curb the company’s | 


business practices 


agreement. State officials were 
ordered last week by U.S. Dis- 
trict Court Judge Colleen Kol- 
lar-Kotelly to return to court 
Tuesday morning to give their 

Some state officials last 
week seemed inclined to settle. 

The settlement brings “re- 
sults now, in real time,” 


| Connecticut Attorney General 
Richard Blumenthal, outside of 


said | 


court. “Time, in this industry, 
is not on our side.” 

But Blumenthal 
state attorneys 
they wouldn’t commit to sup- 
porting the DOJ’s settlement 
an oppor- 


and other 


general said 


until they have had 
tunity to discuss it. 
[he agreement is receiving 


fierce opposition from trade 
groups representing Microsoft 
competitors. 

“They basically capitulated,” 
said Ed Black, CEO the 
Washington-based Computer 
& Communications 


Association, 


of 


Industry 
whose members 
Microsoft, page 69 
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NEWS 6 


6 Building closures due to an- 
thrax alarms highlight the impor- 
tance of including remote access in 
disaster recovery planning. 


7 The Bush administration’s plan 
to unplug government networks 
from the Internet draws fire. 


8 Improperly configured network 
routers are vulnerable to distrib- 
uted denial-of-service attacks and 
pose a serious threat to Internet 
traffic, security experts warn. 


10 Companies turn to their IT 
shops for help in keeping the busi- 
ness humming amid corporatewide 
layoffs and budget cuts. 


14 Private-sector IT is joining the 
military on the front line in the war 
against terrorism. 


a k For breaking news, updated 
Cc daily at noon and 5 p.m., visit 
I nk the Computerworld.com 
a Web site: 


www.computerworld.com/q?q4000 


COMPUTER 
CONSCIOUSNESS 


In this week’s Future Watch, 
Stephen M. Younger, a nu- 
clear physicist and former 
senior associate director at 
Los Alamos National Labora 
tory, outlines his vision for 
computers so powerful they 
could become “self-aware.” 


PAGE 52 


IS THE CO-ClO ROLE A FAD? 


Not at Ameritrade, where a pair of IT leaders have 
charged up their operation through job sharing. PAGE 34 
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BUSINESS == 27 


27 Paul A. Strassmann says we're 
at the end of corporate computing 
as it’s been practiced for 50 years, as 
most information processing will 
be passed on to computing utilities. 


32 IT managers who work at 
companies without CIOs can help 
convince their CEOs that such a 
position is needed — and that 
they’re right for the job. 


39 Architects are beginning to tap 
collaborative technologies such as 
VPNs to help them coordinate de- 
signs with geographically dispersed 
peers, engineers, contractors and 
government agencies. 


40 Stan Portny, author of Project 
Management for Dummies, offers 
advice to help managers learn how 
to delegate. 


43 Workstyles: We take a look at 
the challenges faced by IT workers 
at MSNBC.com, where Web traffic 
has increased sixfold since the 
Sept. ll attacks. 


TECHNOLOGY 47 


47 Windows XP may look like an 
improvement, but its design invites 
future problems, says columnist 
Nicholas Petreley. 


48,50 CRM Report: Computer- 
world takes a look at two key cus- 
tomer relationship management 
issues — customization and wire- 
less applications. 


54 QuickStudy: A Dynamic Link 
Library is a small application that’s 
called on by a larger application 

to provide a service or set of data. 
Although it’s specific to Windows, 
other operating systems have simi- 
lar programming techniques. 


56 Security Journal: Security 
manager Mathias Thurman buck- 
les down and prepares for the 
CISSP security certification exam. 


58 Emerging Companies: Couri- 
on’s password management soft- 
ware lets users retrieve forgotten 
passwords or change them without 
involving the help desk. 


Maryfran Johnson says there’s 
a long way to go before a national 
ID card program makes practical 


sense. 


Pimm Fox writes that Secure 
Sockets Layer is great at securing 
Web transmissions, but it still 
leaves you exposed at the database 
level. 


David Foote says that in the 
aftermath of Sept. 11, it’s the right 
time to engage in revolutionary 
thinking. But remember some key 
truths about managing businesses 
and people. 


Frank Hayes offers a cold les- 
son from Oregon: Mess up an im- 
plementation of a new billing sys- 
tem, and it’ll cost more than your 
typical IT project that’s beset with 
cost overruns. 
Editorial/Letters 
How to Contact CW 
Company Index 
Shark Tank 
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WHAT'S QUICKLINK? 


QuickLinks are an easy way to 
find Computerworld content on- 
line. On some pages of this issue, 
you'll see a QuickLink code point- 
ing to additional, related content 
on our Web site. 


QuickLinks include a full Web 
site address — such as www. 
computerworld.com/q?al210 — 
that you can type into your brows- 
er. Or you can head to the Quick- 
Link page at www.computerworld. 
com/quicklink and type the Quick- 
Link code — the five characters at 
the end of the Web address, after 
the question mark — into the box, 
then click on Go. 


LEVERAGING 
RELATIONSHIPS 


Jeff Zabin, a director of Boston- 
based Seurat, talks about the need 
to get the most out of relationships 
with customers, partners and em- 
ployees in order to create a suc- 
cessful online business and survive 
tough economic times. 
www.computerworld.com/ecommerce 


NATIONAL 1D DEBATE 


Computerworld editor in chief 
Maryfran Johnson has had her say 
on the subject of issuing national 
ID cards. Now hear what two in- 
dustry leaders think we should 
carry in our wallets. 
www.computerworld.com/security 
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Gartner: Include Remote 
Access in Disaster Planning 


European Cookie 
Ban Up for Vote 


The European Parliament is sched- 
uled to vote next week on a propos- 
al to ban the use of Internet cookies 
in European Union countries on pri- 
vacy grounds. If it passes, the mea- 
sure could require big changes to 
Web sites that put cookies on the 
PCs of visitors to gather user regis- 
tration data and information about 
how they're using a specific site. 


IT Services Firm 
Genuity Plans Cuts 


Genuity Inc., a Woburn, Mass.- 
based provider of Web hosting and 
corporate Internet access services, 
said it plans to cut up to 1,200 em- 
ployees and contractors and consol- 
idate several business units to save 
money. Genuity also reported a 
$300.4 million third-quarter loss. 
The layoffs will decrease the com- 
pany’s workforce by about 24%. 


CSC's Profit Falls, 
But Revenue Rises 


Recent building shutdowns highlight 
need for options during emergencies | 


| BY JAIKUMAR VIJAYAN 


HI build- 
ing 


caused by the an- 


RECENT 
shutdowns 


thrax scare high- 


| creating 


light the need for | 


corporations to include remote 


| access capabilities in disaster | 


planning, according to a recent 
advisory from Gartner Inc. in 
Stamford, Conn. 

Among the issues that orga- 
nizations need to look at are 
the ability of employees to se- 


| curely log on to enterprise net- 
| works from home, the kind of 


remote bandwidth employees 
have access to, and whether 


QAUG Divided 


| Members debate 


Computer Sciences Corp. reported a | 


$68.2 million profit for its second 
quarter ended Sept. 30, down 37% 
from the year-earlier total of $109 
million. But the El Segundo, Calif.- 
based IT consulting and outsourcing 
firm said revenue came in at $2.77 
billion, up 11% from $2.5 billion in 
last year’s second quarter. CSC 
predicted revenue growth of 9% to 
11% for its full fiscal year. 


Report: XP Antipiracy 
Tool Cracked 


The antipiracy technology in Micro- 
soft Corp.'s Windows XP operating 
system has already been cracked, 
according to BitArts Labs, a U.K.- 
based digital rights management 
firm. Hours after Windows XP was 
launched Oct. 25, BitArts said, ma- 
licious coders in Asia began distrib- 
uting a program that lets users by- 
pass the Product Activation feature. 


hosting joint event | 


BY MARC L. SONGINI 
A sizable minority of the group 
serving users of Oracle Corp.'s 


business applications has no | 


interest in working with the 
software company to produce 
an 
show, according to a new sur- 


Oracle-sponsored 


| vey. But the survey shows that 





a majority of the members of 
the Oracle Applications Users 


| Group (OAUG) is at least open 


to the idea. 
The survey results are com- 
ing to light just as the board of 


| the independent organization 


is discussing possible collabo- 
ration on a joint trade event, 
something that has been a 
thorny issue during the past 18 
months for both Oracle and 
the Atlanta-based OAUG. 

In a recent OAUG survey of 
about 2,000 members, 33% of 
the respondents said they did- 


trade | 


| sults 


| World 


employees have access to sepa- 


rate telephone lines. 
Employers may also want to 


investigate the possibility of 


remote centers to 


work out of in the event of an 


| emergency, the advisory said. 


“Companies need to make 
sure they understand what ca- 
pabilities they have from a re- 
mote access [perspective] and 
to incorporate that knowledge 
into their disaster plans,” said 
John Girard, a Gartner analyst 
and co-author of the report. 

Up until now, most corpora- 
tions “considered remote ac- 


cess to be an alternate work- 


style as opposed to a measure | 


that can be used in an emer- 
gency,” Girard said. 

Gartner’s advice comes at a 
time 
that office buildings and mass 
transportation facilities could 
become contaminated by bio- 
toxins as a result of terrorist at- 
tacks. Such fears have already 
led to the temporary closure of 
several buildings in Washing- 
ton and other cities. 


As a result, it makes sense to | 


make remote access a part of 
disaster planning, Eric 
Bloom, a senior vice president 
at Independence Investment 
LLC, a Boston-based financial 
services company. 

“I agree with Gartner 100%,” 
Bloom said. “We’ve always had 
remote access capability as a 


said 


ver Closer Ties to Oracle 


n’t want to participate in an Or- 


| acle show at all, although 67% 


said they were open to explor- 
ing ways the OAUG could col- 
laborate in one. In addition, 


| 92% voted to keep the OAUG’s 


semiannual user events inde- 
pendent, despite repeated of- 
fers from Oracle to 
fold the conference 
into its own Apps- 
World event. 

The survey re- 
were made 
available to Comput- 
erworld last week. 

OAUG President 
Jeremy Young said 


| the users group has 


agreed to review pa- 
pers being submit- 
ted for presentation 
at Oracle’s Apps- 
next April. But that 
show “is managed and con- 
trolled by Oracle,” he said. 
Young also noted that the 
survey “indicates the value 
[the users] see in the indepen- 
dent conferences we run. We 


ER 


67% 


of OAUG members 
said they’re open 
to exploring ways for 
the OAUG and Oracle 
to cooperate 


92% 


events independent 
of Oracle 


| 
| 
| 
| 


also see it as a continuing vote 
for the independence of the 
OAUG.” 

Joshua Greenbaum, an ana- 
lyst at Enterprise Applications 
Consulting in Daly City, Calif., 
said the survey “delineates the 
problem succinctly. A lot of 
users don’t want to 
work with Oracle, 
but two-thirds rec- 
ognize they have to 
or should, irrespec- 
tive of how they 
feel about Oracle 
or how Oracle feels 
about them. OAUG 
users aren’t stupid 
and don’t want to 
burn that bridge [of 
collaboration] 
completely.” 

A spokeswoman 


for Oracle said she sees the | 


survey results as encouraging. 
“Either way, 67% is still way 
over half of the membership,” 
she said, noting that it’s unclear 
how many of the OAUG mem- 
bers are enterprise users. D 


of mounting concerns 





Planning Ahead 


As part of disaster planning, 
companies should inventory 
workers’ remote capabilities: 


1. Do employees have 


suitabie home computers? 
Those who don’t should be 
encouraged to bring their 
laptops home. 


5 2. What is employees’ 


access to bandwidth? 


3. Do employees have separate 
telephone lines? 


convenience so that people 
would be able to work from 
home. Now we are looking at it 
more tactically, as another type 


| of disaster recovery plan.” 


Independence is reviewing 
the remote access capabilities 
of its employees and coming 
up with a series of measures to 
take in the event of a disaster. 
For instance, not all the towns 
in which its employees live 
support the high-bandwidth 


| secure connections needed to 


log in to the company’s net- 
work. So Independence is 
planning on publishing an in- 
ternal list of locations where 
employees can go and securely 
dial in to the network. 
Factoring remote access into 
disaster planning makes par- 
ticular sense for smaller com- 


| panies and those with just one 


or two office facilities, said 
Kurt Bahrs, a disaster recovery 
specialist at Hartford, Conn.- 
based Aetna Inc. 


Aetna already provides se- 


cure remote access to its em- 


ployees, who are able to log in 
to the corporate network from 
almost anywhere in the world, 
Bahrs said. The remote access 
capabilities of Aetna’s IT staff 
have already been included in 
the company’s current disaster 
plan. But Aetna hasn’t yet stud- 
ied the network and band- 
width implications of having 
all employees dialing in to the 
network remotely, he added. D 
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Skeptics say GovNet wouldn’t protect against internal threats 


BY DAN VERTON 
WASHINGTON 

The Bush  administration’s 
plan to build a multibillion- 
dollar secure government in- 
tranet to protect critical feder 
al systems from security prob- 
lems associated with the Inter- 
net may be flawed, critics con- 
tend. 

Rep. Sherwood L. Boehlert 
(R-N.Y.), chairman the 
House Science Committee, ac- 
knowledged last week that 


of 


highly qualified to advise the 
president on cybersecurity. 
But he Clarke’s 
plan to disconnect the govern- 
ment from the Internet. 

“I'm not sure that simply 
off 
networks 
from the Internet is 
the right policy or 
whether such a 
tem will actually improve se- 


questioned 


walling 
ment 


govern- 


sys- 


| curity,” said Boehlert. 


Richard Clarke, chairman of | 


the president’s Critical Infra- 


structure Protection Board, is | 


According to an outline of 
the project released by the 


government, the key feature of | 
| tems,” said Paul Kurtz, director 


the proposed intranet, which 


DOMESTIC. 
SECURITY 


has been dubbed GovNet, “is 
that it must be able to perform 
functions with no risk of pene- 
tration or disruption from 
users on other networks, such 
as the Internet.” The govern- 
ment GovNet 
to be a private voice 
and data network 
based on Internet pro- 
but with 


wants 


tocols no 


connectivity to commercial or | 


public networks. 
“Our first priority is to en- 
sure that the federal govern- 


Bush Plan to Unplug Feds From Internet Draws Criticism 


of critical infrastructure pro- 
tection for the National Securi- 
ty Council. 

Boehlert alone in 
skepticism about the GovNet 
concept. 

Vinton Cerf, senior 
president for Internet architec 
ture and technology at World- 
Com Inc., said that although he 
can sympathize with the gov- 
ernment’s desire to guarantee 
the availability of network ser- 


isn’t his 


vice 


vices during times of crisis, se- 
curity through 
likely to prove only partially 
effective.” 

James Woolsey, who served 


isolation “is 


| as CIA director under the Clin- 


ment is securing its own sys- | 


ton administration, said Gov- 
Net wouldn’t protect against 





Cockpit Video System Faces 


Uphill Battle for Certification 





Qualcomm latest to enter market 


BY BOB BREWIN 
Qualcomm Inc. demonstrated 
a satellite-based aviation safety 
system last week, saying it 


could help prevent aircraft hi- | 
jackings by relaying real-time | 


video from airline cockpits and 
cabins to the ground and pro- 


vide a dedicated voice commu- 


nications channel for onboard 
air marshals. 
San Diego-based Qualcomm 


plans to transmit the real-time | 


data, which could include in- 
formation from flight monitor- 
ing systems, over a satellite 


system in which it holds a mi- | 
Globalstar 


nority interest, 
Telecommunications LP. The 
raw data throughput of a single 
channel on the Globalstar sys- 
tem is 9.6K bit/sec., but Qual- 
comm said it could provide 
throughput of 128K bit/sec. by 
using multiple channels for its 
security system. 

Qualcomm said in a state- 
ment that its satellite aviation 
safety system is “in the final 
stages” of certification by the 
Federal Aviation Administra- 





tion (FAA). However, the FAA 
has described that certification 
process as complex and 
lengthy. Iridium Satellite LLC 
in Arlington, Va., has submit- 


ted a proposal to the FAA fora | ‘ 


similar system using its satel- 
lite system. And Chicago- | 
based The Boeing Co. has said | 
it can provide the same capa- 


bilities through its Connexion 


by Boeing service. Connexion | 
by Boeing was originally de- | 
signed to provide high-speed 
Internet connections for pas- 
sengers. 

Tim Scannell, an analyst at 
Mobile Insights Inc. in Quincy, 
Mass., said any aviation securi- | 
ty system that relies on either | 
Iridium or Globalstar is | 
“chancy” because of the finan- 
cial conditions of both compa- | 
nies. Iridium has already filed 
for bankruptcy protection | 
once, and Globalstar has sus- 
pended payments on the debt | 
used to finance its $850 million | 
system last January. | 

Installing new avionics | 
equipment on commercial air- | 


oa 
In-Flight 
Video 
Barriers 


The FAA and the airlines con- 
sider in-flight cockpit security 
video technology a long shot 


| because: 


cockpit video gear would need 


g@ Transn 
avionic nav 


| mlnterference v 


| systems 


iS Poss! 


sg lnstallation in the existing fleet would be 


| very complex 


| craft is a “complex undertak- 


ing” and requires a long testing 
process, according to FAA 


spokesman William Shumann. | 


The task is compounded be- 


| cause different satellite equip- 


ment would have to be 


de- 
signed for every kind of air- 
craft, ranging from smali com- 


muter planes to jumbo jets. 
Management of live voice 


| and video data streams would 


be equally difficult, Shumann 
said, noting that there are 


35,000 to 40,000 flights each 
| day in the U.S. 


| cations in 


Mobile Communi- 
Bethesda, Md., a 
unit of Lockheed Martin Glob- 
al Telecommunications Inc., 
has a leg up on the planned 
Qualcomm/Globalstar and 
Iridium aviation security sys- 
tems because its equipment is 


Comsat 


already FAA-certified and op- 


erating worldwide, according 

to company spokesman Tom 

Surface. 
Surface that 


said today, 


| about 3,500 aircraft have Com- 


designed 


| 
| 
| 
| 


sat satellite systems that are 
to provide 
communications services and 
passenger Internet service. He 
said the Comsat system could 
be adapted to provide the 
same kind of security services 
that Iridium and Qualcomm 
have proposed. D 


crew 





Clarification 


In astory in our Oct. 29 issue about IT layoffs at American Airlines Inc.'s 
TWA Airlines LLC unit, we reported that according to American Airlines 
spokeswoman Julia Bishop-Cross, 200 of TWA’s IT employees had been 
laid off. Bishop-Cross subsequently put that number at 40. However, IT 
employees at TWA, who spoke with Computerworld on condition of 
anonymity, said there have been as many as 420 layoffs. 


GovNlet Plans 


The proposed government 
network would: 


= Be acontractor-operated net- 
work in the U.S. and Canada 


@ Have dedicated hardware and 
personnel. 


ws Have no connections to the 
Internet or other networks 
= Provide commercial-grade voice 
and video communications with 
no connections to the public 
switched telephone network. 
= Use National Security Agency 
hardware to encrypt network 
traffic (payload, not routing) 
@ Include bandwidth-on-demand 
services. 
the fundamental network se- 
curity threats posed by insid- 
ers and highly skilled hackers. 
Rather than improving securi- 
ty, GovNet 
“something in which there is a 


would create 
huge premium for Iraqi intelli- 
gence or Osama bin Laden to 
find some American 
willing to help him and be a 
clever hacker,” Woolsey said at 
a security forum last month. 
When Clarke first raised the 
subject of a series of virtual 
private networks (VPN) for 


who is 


both government and e-busi- 
nesses at a conference on In- 
ternet security in May, the idea 
received a cool reception from 
industry leaders. 

Ken Watson, director of crit- 
ical infrastructure protection 
at Cisco Systems Inc., said, “I 
don’t think it’s viable on many 
levels.” 

George Samenuk, CEO and 
president of Santa Clara, Calif.- 
based Network Associates Inc., 
also dissented. “A VPN defeats 
the purpose, because most of 
the attacks are internal,” he 
said. 

Ironically, the U.S. Justice 
Department on Oct. 23 filed an 
indictment against a TRW Inc. 
employee who was arrested 
last year for using his autho- 
rized access to the intelligence 
community’s secure intranet, 
known as Intelink, to down- 
load classified information and 
sell it to China. 

“The problem is that not 
everyone in the government is 


| guaranteed to be on our side,” 


said Woolsey. D 
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Network Routers Vulnerable 
To Denial-of-Service Attacks 


| to identify the crucial routers | 


BY JAIKUMAR VIJAYAN 
ENIAL-OF-SERVICI 
attacks that target 
and use miscon- 
figured network 
routing equipment 

pose an “imminent 

threat” to Internet security, ac- 
cording to a recent report by 

Carnegie Mellon University’s 

federally funded CERT Coor- 

dination Center. 

Unlike denial-of-service at- 
tacks that individual 
servers, a router-based attack is 
harder to stop and could result 


and real 


involve 


in service disruptions across | 


large swaths of the Internet. 
“Routers, in form 

the backbone of the Internet,” 

said Kevin Houle, a member 


essence, 


of CERT’s staff. “So attacks | 


that involve routing equipment 
raise the potential of entire sec- 
tions of the infrastructure be- 
ing [disrupted ].” 
Houle CERT has 


said re- 


ceived an increasing number 
of reports of intruders taking | 
using | 


control of routers by 


vendor-supplied default pass- 


words. Once inside, an intruder | 


could easily modify a router’s 


configuration and protocol in- | 
formation to misdirect traffic 


over the Internet. Large sec 


tions of the network could be | 


shut down by targeting critical 
routers, such as those belong- 
ing to a major Internet service 
provider, Houle said. 


Bedlam Brewing 

“Once people start attack- 
ing routers in this manner, all 
hell will break loose,” said K. 
Narayanaswamy, chief techni- 


cal officer at Cs3 Inc., a Los | 


Angeles-based security firm 
whose research in this area is 
partially funded by the De- 


fense Advanced Research Proj- | 


ects Agency. “It’s like taking 
the signs on a highway and 


pointing them in all the wrong 
directions.” 

The vulnerability of routers 
has been known for a long time 
but has assumed critical impor- 
tance following the Sept. 1] ter- 
rorist attacks and the height- 


ened threat of cyberterrorism, 


Narayanaswamy added. 
Compromised routers 
also be used by intruders to 
scan networks for vulnerable 
systems and as launch points 
for more traditional denial-of- 
service attacks, which involve 
flooding a network with use- 


can 


| less data, according to CERT. 


CERT report highlights potential threat of | 
disruptions on large parts of the Internet 





While misconfigured routers 
are the most vulnerable, in- 
truders are beginning to devel- 
op other ways of breaking into 


| secure routers as well, accord- 
| ing to analysts. 


Difficult but Doable 


Compared with Web servers, 
critical routers generally 
much harder to find and 
therefore to attack — on a net- 


are 


work, said Ted Julian, CEO of 


Arbor Networks Inc., a security 


vendor in Waltham, Mass. 


Unlike vulnerable servers, 
which are often found by auto- 


| mated scanning tools, breaking 


into routers requires more in- 
side information and sleuthing 


Cisco Pushes VOIP With New 
Phone System, Hardware 


BY JAMES COPE 
Cisco Systems Inc. last week 
announced a bevy of voice 
over IP (VOIP) products, con- 
tinuing the efforts of vendors 
to get technologies supporting 
phone services over data net- 
works in shape for more wide- 
spread corporate adoption. 
Cisco's rollout included soft- 
ware products such as an IP- 
based teleconferencing system 
as well as a series of hardware 
devices, among them a gate- 
way that can connect 48 analog 
phones to a VOIP setup. 


Kevin Wetzel, manager of 


global network services at ad- 
hesive, sealant and coatings 
maker H.B. Fuller Co. in St. 
Paul, Minn., said the announce- 
ments by Cisco underscore the 
increased technical viability of 
IP telephony. 

H.B. Fuller currently uses 
Cisco-based IP phone systems 
at sites in Texas and Switzer- 
land and plans to expand the 
technology to roughly 3,000 


| Wetzel 





phones in 30 locations by next 
May, Wetzel said. 

“Compared to a year ago, 
quality of service [for prioritiz- 
ing voice packets over data 
networks] has become more 
defined,” Wetzel said. In addi- 
tion, software enhancements 


have increased the technol- 


| ogy’s reliability by adding more 


levels of redundancy, he said. 


Payback on some parts of 


the VOIP implementation will 
likely take up to 36 months, 
said. But, he added, 
H.B. Fuller expects to save 
$2 million over the next five 
years by replacing its private 
branch exchange-based phone 
systems with IP technology. 


Emergency Calls 

Joe Gagan, an analyst at The 
Yankee Group in Boston, said 
of the most important 
items added by Cisco was sup- 
port for identifying the loca- 
tions of people who make 911 
calls from IP phones. 


one 


| to attack, according to Julian. 
But if they are found and com- 

| promised, the resulting attacks 
could be “devastating,” he said. 
Although Arbor, like several 

| other vendors such as Mazu 
| Networks Inc. and Asta Net- 
| works Inc., sells tools to miti- 
gate the effect of a denial-of- 
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vider in Lompoc, Calif. 

The company’s servers have 
been hit with eight denial-of- 
service attacks this year alone, 
most of which 724 managed to 
handle on its own, according 
to York. 

“This is a real threat that is 
going to be even harder for the 
authorities to stop,” said Ralph 
Kuntz, chief technology officer 
at Hamilton Scientific Ltd., a 
Roseland, N.J.-based applica- 
tion service provider for health 
care organizations. 

One of Hamilton’s routers 
was broken into earlier this 


| year and used to scan networks 


| service attack targeting servers, | 


| there are few applications cur- 

rently available to with 
| router-based threats. 

“There’s not much you can 


deal 


for vulnerable servers, Kuntz 
said. The company learned of 
the compromised router only 


| after receiving threatening let- 


do beyond making sure your | 


| own routers are secure [by 
| changing default passwords],” 
| said Edward York, chief tech- 
| nology officer at 724 Inc., an 


application hosting service pro- | 


ters from companies that had 
been scanned. D 


ick 
Trike 


www.computerworld.com/q?k1600 


For more security 
news and resources, 
visit our Security 
Knowledge Center 


Flaw Prompts Cisco to Replace Firewalls 


Cisco is being forced to replace 
some of its PIX corporate network 
firewall devices because of hard- 
ware flaws that can cause the sys- 
tems to hang or shut down. 

In a notice posted on its Web 
site in mid-October and updated 
last week, Cisco said PIX 515, 
515-DC and 506 firewalls made 
between last May and Oct. 2 may 
stop functioning under heavy traf- 
fic loads. The company said the 
problem rests with a hardware 
component that it began buying 
from a new supplier in May. 

The only surefire remedy is to 
replace the affected firewalls, Cis- 
co said, adding that it would do so 
free of charge for registered users. 
A possible work-around is to limit 
traffic speeds through the firewall 
to 15M bit/sec. or less, but Cisco 
said the success of that maneuver 
“varies from unit to unit.” 

A Cisco spokeswoman said 
she wouldn't specify how many 
PIX devices were sold with the 


Identifying the locations of 


911 callers has been a big issue 
for VOIP in corporate settings, 
said David Passmore, an ana- 
| lyst at The Burton Group in 








faulty component. But the prob- 
lem applies to “a limited number 
of units,” she said, and the likeli- 
hood that affected boxes will be- 
come unresponsive is “fairly low.” 

Cisco expects the biggest im- 
pact to be on the PIX 515 models, 
which are designed for use in cor- 
porate central offices. The spokes- 
woman said the flaw doesn't affect 
the security integrity of the fire- 
walls. “It results in the box just 
stopping, as opposed to being 
hacked and controlled [by an in- 
truder],” she added. 

Cisco holds about one quarter 
of the firewall market, said Richard 
Stiennon, an analyst at Gartner 
Inc. in Stamford, Conn. The flaw 
highlights a potential problem with 
integrated hardware/software fire- 
wall appliances, he said. 

According to Cisco, PIX fire- 
walls manufactured as of Oct. 2 
aren't affected by the flaw. 

- Stephen Lawson of the IDG 

News Service and James Cope 


Salt Lake City. “Some states re- 
quire you to be able to locate 
callers who have phones con- 
nected to the corporate Ether- 
net,” Passmore said. D 





THE CATALOG OF @ BUSINESS 


THIS IS THE START OF 
SOMETHING BIG 


THE AMAZINGLY SCALABLE IBM NAS. 
SEE FOR YOURSELF - WITH NO PAYMENTS FOR 90 DAYS. 


Massively scalable data storage that fits into just about any LAN - 
fast. That's the power and flexibility of the IBM Network Attached 
Storage (NAS) family of products. See for yourself. Finanee and 
install an IBM NAS product before December 31, 2001, and 
you don’t have to make a payment for 90 days! You can also 
take advantage of our low financing rates. You'll see IBM NAS 
makes file sharing easier - and easier to manage. It scales as your 
data needs grow. It offers integrated. multi-protocol support. And 
it’s quick to install. with little or no downtime. Start something big 


today. For more details. or to ask about a demonstration at an 





IBM TotalStorage Solution Center. call 1800 426-7777 and ask for 


Install IBM NAS before December 


; : and *t make a payment for 90 days 
remember to ask for your complimentary IBM NAS Information Pack. Pot, __and don't m eee ree eee ee 


Priority Code 1OLEY002 or visit ibm.com/totalstorage/nas20. And 


9 ibm.com/totalstorage/nas20 @ 1800 426-7777 Priority Code 101EY002 











Telecom Manager Is 
Named Polaroid C10 


Cambridge, Mass.-based Polaroid 
Corp., which filed for bankruptcy 
protection last month, named Cindy 
Micavich as its new CIO. Micavich 
replaces Tom Hennigan, who retired 
after 29 years at the company. 
Micavich, who manages global 
telecommunications at Polaroid, 
will keep that job and take over 
worldwide responsibility for the 
company’s IT department. 


Testing Service, CSC 
In Outsourcing Deal 


Princeton, N.J.-based Educational 
Testing Service (ETS) signed a 
$300 million IT consulting and out- 
sourcing deal with Computer Sci- 
ences Corp. (CSC) in El Segundo, 
Calif. All of the testing service's 
sites are covered by the 10-year 
agreement. Approximately 130 IT 
workers at ETS will be shifted to 
CSC when the contract takes effect 
in January. 


Times Victimized by 
New Nimda Variant 


Servers at The New York Times 
were among the systems hit by a 
new variant of the Nimda worm that 
began circulating last week. The 


Nimda.e variant left the newspaper's | 


editorial staff unable to access the 
Internet for about four hours before 
network traffic was rerouted around 


the infected servers. The Times later | 


applied patches to the systems. 


Short Takes 


San Jose-based software vendor 
BEA SYSTEMS INC. lowered its 
business forecast and said it will lay 
off about 300 employees by year’s 
end, cutting its workforce by up to 
10%. . . . IBM’S LOTUS SOFTWARE 
GROUP said it will start selling a 
stand-alone version of its Discovery 
Server knowledge management 
tool, which was previously bundled 
with portal software. 


| downsized 


| and 


| company, 
| tions, 
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Businesses ‘Tap IT’ to Make 
Up for Staff, Budget Cuts 


| Many tech projects now aimed at helping 
companies deal with reduced resources 


| BY LEE COPELAND 
HE ONGOING eco- 
nomic 
prompting 
nesses to devote 


slump is 
busi- 


IT resources to 
aimed at keeping 
enterprises hum- 


projects 


| ming in the face of across-the- 
| board staff and budget cuts. 


The United Air Lines Inc. 


| unit of UAL Corp. is a case in 
| point. 


terrorist 
coupled 


The Sept. ll 
attacks on the USS., 
with 
prompted United to furlough 
almost 20,000 workers. That 


| cut included 30% of the Chica- 


airline’s IT staffers, 
or about 600 employees. But 
IT is still in the forefront of 
beefing up customer service 
thus improving United’s 
overall responsiveness to the 
immediate business climate. 
“After having 


go-based 


just reduced 


| our workforce throughout the 


including reserva- 
that’s putting a huge | 
| strain on the reservations peo- 
| ple who have to call people and 
| take calls from people,” 
United CIO Eric Dean. 

In the midst of flight and 
| staffing reductions, United last 
| week launched a revamped 
reservations system. 
makeover 


said 


The sys- 
| tem was in 
functionality to handle 
| mated rebookings and support 
| readjusted flight schedules 


| was added to alleviate burdens | 


| on the reservations staff and to 

| make flight transfers easier for 
passengers. 

“Largely, this was done to re- 


| spond to what the real traffic | 


| currently is, rather than focus 
| on just cost saving,” said Dean. 
“But this is a revenue-generat- 

ing mechanism to make flying 


| more convenient.” 


a sliding U.S. economy, | 


| technology 
| aligned with current business | 
| priorities. 


the | 
| works prior to Sept. ll, but new | 
auto- | 


United’s IT operation is also 
stepping up the use of its Easy- 
Check-in kiosks 


self-service 


to compensate for fewer ticket- | 


counter employees. 


pass long lines at airport ticket 


Those | 
| kiosks allow customers to by- | 


counters and retrieve boarding | 


passes from automated 


| chines. 


| Widespread Aftershocks 


Though the airlines face the 


ma- | 


double whammy of a limping 


and the 
quences of the 
tacks, IT leaders in the indus- 
try aren’t 
measures to 


economy conse- 


ensure 
investments 


Chicago-based USG Corp., 


the world’s largest producer of | 
| Sheetrock, 


with $4 billion in 


revenue last year, filed for 


terrorist at- | 


alone in instituting | 
that | 
are | 


Chapter 11 bankruptcy protec- | 
tion this past summer. USG 
CIO Jean Holley said her IT 
budget intact, but 
she’s adopting a more targeted 
approach to new development 
projects to ensure high quality 
controls and a fit with current 


remains 


business needs. 

“We now selling our 
product for half of what it 
sold for two years ago,” 
Holley. “My dollar amount 
{for IT spending] hasn't 
changed, but my 


are 


said 


ects, we do six and nail them 
before we move on.” 


Some of those projects in- | 


clude creating online design 
and materials estimation tools 
that contractors can use to de- 
termine Sheetrock require- 
ments instead of calling a cus- 
tomer support representative. 
Vin Melvin, CIO at SCI Sys- 
tems Inc., has adopted a simi- 
lar approach. 


Huntsville, Ala.-based maker 


of electronic components has 
also abandoned the practice of | 


Tips for Tough Times 


With gloomy economic conditions expected to carry over to next 
year, IT leaders offer these tips for aligning IT with new business 
operations, such as large staff and cost reductions: 


» Remember that IT's role is to assist in meeting business needs, so set 


priorities and policies that reflect the current business climate. 
Eric Dean, CIO, United Airlines 


> Make the most of existing investments that were made during 
the economic boom of the last few years. 


John Moon, ClO, Baxter: international Inc. 


> Sanastadins casat T cepabiitiives te detain mestene 
support is required in an economic climate that may mean fewer 


orders to process. 


Vin Melvin, CIO, SCI Systems Inc. 


> Finish what you start. Focus on fewer and more targeted IT projects 
instead of undertaking several at once. 


Jean Holley, C10, US6 Corp. 


Ligation ete chieninieine todaibten: witbéd 


can improve operating margins. 


dim Johnson, CIO, Guide Corp. 


| three 


| something new,” 


runways | 
are shorter. Instead of 50 proj- | 


| don-based 


The $9 billion | 


| Johnson, 


which posted sales of 
| million last year. 





undertaking a flurry of proj- 


| ects at once. 


“A lot of people in the IT or- 
ganization were trying to stay 
projects ahead. Now 
we're trying to gain value with 
two before starting 
said Melvir, 
adding that a customer rela- 
tionship management project 
is taking on renewed impor- 


one or 


| tance as SCI tries to keep bet- 
| ter 


tabs on its customer re- 
sponsiveness. 

“IT is getting pulled in all di- 
rections at once,” said David 
Bradshaw, an analyst at Lon- 
Ovum Research 
Ltd. “But projects with imme- 
diate returns are still getting 
the nod.” 

Projects that stay on top of 
changing business  require- 
ments have impor- 
tance, as do those that offer im- 
mediate cost reductions, 
cording to CIOs. 

Headlamp and _ tail-light 
maker Guide Corp., for exam- 
ple, plans to launch a shop 
floor application early next 
year that’s geared toward find- 
ing and reducing defective ma- 
terials. By detecting defects 
early on, Guide has a better 
chance of fixing and reusing 
those products, and the com- 
pany expects multimillion-dol- 
lar annual savings, said Jim 
CIO at the Pendle- 
Ind.-based manufacturer, 
$600 


renewed 


ac- 


ton, 


“The economic downturn 
has exacerbated the situation, 
but we were focused on trim- 
ming costs before,” Johnson 


| added. “You can’t say IT is sav- 


ing the company seven figures, 
but you can say IT is helping to 
meet our business objective of 
a seven-figure cost reduction 
in scrap materials.” D 


a 
C 
ment/Leadership 


Dink Knowledge Center 


www.computerworld.com/q?K1900 


For more resources, 
visit our IT Manage- 





NUMBER OF PEOPLE 
ON YOUR NETWORK 


NUMBER OF PEOPLE 
ON YOUR BACK 


RETURN ON COMMUNICATIONS 


Fact: The sales department has different needs than 
HR. Or manufacturing. Or customer service. And they 
all need to be on your network. But it’s not enough to 
build a network just to run everyone’s apps. You need 
one that'll do so without causing you massive 
headaches. And that will return your investment. 


Short and long term. 


©2001 AT&T. 


That’s where AT&T comes in. We know complex 
networks. We know reliability. And we know results. 
Proof? For Steelcase, we put 30 factories and 16,000 
employees on a single North American network, speeding 
up customer service and saving hundreds of thousands 

of dollars a year. 


Want similar returns? AT&T can help you get them. 
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EMC Opens ‘Tools to 


Rival Storage 


User demands for interoperability prompt 
new approach on management software 


BY LUCAS MEARIAN 
OWING TO user re- 
quests for open 
storage management 
EMC 


Corp. last week an- 


capabilities, 


nounced a suite of tools that 


can control the company’s 
and 
made by rival vendors. Hop- 
kinton, Mass.-based EMC said 
it can now offer IT managers a 


view of their storage-area net- 


storage devices those 


IBM Pushes 
Midrange Array 


IBM last week released a mid- 
range disk array targeted at 
EMC's Clariion product line and 
said it will stop reselling a simi- 
lar device made by Compaq 

IBM's new FastT700 stor- 
age server provides 2G bit/sec 
Fibre Channel connectivity and 
can handle up to 16TB of data 
Anne MacFarland, an analyst 
at The Clipper Group Inc. in 
Wellesley, Mass., said the 
FastT700 has a slightly lower 
starting price than the Clarion 
4700 and supports advanced 
storage functions such as re- 
mote data copying. 

IBM has been reselling 
Compaq'’s MA8000 array un- 
der an agreement that was 
signed last year that also allows 
Compag to market IBM's high- 
end Shark devices. But now 
that IBM has fleshed out its 
own midrange products, it no 
longer needs to offer the Com- 
pag box, said Bob Samson, 
worldwide vice president of 
sales and operations for IBM's 
storage systems group. 

Samson also said some 
users had been playing the two 
companies against each other 
on pricing because they were 
selling the same product. 

- Lucas Mearian 


| such as 


| engineering services at 
| chase, N.Y.-based MasterCard. 
| “You have to pull two or three 


works (SAN) that includes disk 


| arrays and tape systems from 


its major competitors, including 
Compaq Computer Corp., 
Hewlett-Packard Co. IBM, 
Sun Micro-systems Inc. and 
Network Appliance Inc. 

The tools are aimed at users 
MasterCard Interna- 
tional Inc., which manages 
pieces of its IISTB SAN with 
EMC’s ControlCenter software. 
But that product supports only 
EMC’s own storage equipment. 

“Right now, you end up man- 
aging different 
said Jim Hull, vice president of 
Pur- 


from staffs,” 


| groups together to find out 


Devices 


what [storage you] have on the 
mainframe side, the Unix side 


| or the Windows side.” 


But Hull said EMC’s Con- 
trolCenter/Open Edition suite 


announced last week should 


| let him consolidate resources 


to “have one control center 


managing the whole thing.” 
EMC 


has been considered 


| one of the less-open storage 
| vendors. But now it’s “really 


throwing down the gauntlet,” 
said Bill North, an analyst at 
IDC in Framingham, Mass. 


| “The real question is, from a 


market penetration point of 
view, will they be successful as 


a software provider outside the 


EMC installed base?” 


Joe Tucci, EMC’s president 


| and CEO, acknowledged dur- 
| ing a press conference that the 


open storage management 


| suite will transform the com- 
| pany. But, he said, users have 


Users: Progress Slow on 
Supply Chain Projects 


Tight budgets, 
supplier problems 
prolong paybacks 


BY MARC L. SONGINI 
For some users whose compa- 
nies have invested in costly 


tems, the heady promise of 
those projects is giving way to 
a more challenging reality. 

Several supply chain man- 
agers said they’re contending 
with problems such as inade- 
quate IT resources, faulty data 
entries by external users and 
hesitation on the part of sup- 
pliers about adopting the new 
systems. That’s slowing the 
process of making the systems 
pay off, they said. 

“Our progress has been very 
slow,” said Deb Kunkler, pro- 


curement Idaho 
Power Co. Limited access to IT 


manager at 


| staff support and a tight budget 
| are delaying a planned upgrade 
| of Idaho Power’s procurement 
| system, preventing the Boise- 
| based utility from adding more 


suppliers to the system and tak- 


| ing full advantage of the appli- 
supply chain management sys- | 


cations it’s using, Kunkler said. 


Anticipated Growth 


Sales of supply chain soft- 


| ware are still expected to grow 
| by 28% this year, reaching a to- 
| tal of $6.6 billion, according to a 


report by AMR Research Inc. in 


| Boston. Supply chain vendors 
| such as Dallas-based i2 Tech- 
| nologies Inc., which announced 
| an upgrade of its applications 


last month, are counting on new 
projects to help boost sales. 
But users are now more cau- 


tious about their supply chain 


Managed Storage 
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EMC’s ControlCenter/Open Edition storage management suite 
includes the following new products: 


ControlCenter Replication Manager: Automates the scheduling of data 


backups and disk replication procedures on various devices. 


ControlCenter StorageScope: Aresource reporting tool that collects and 


analyzes usage data and other information from storage devices. 


Common Array Manager: Displays how much storage is allocated to disk 


arrays and servers made by different vendors. 


WideSky: A middleware application that controls the other tools and ties 
together information from various storage systems. 


made it clear that they want 


the ability “to manage all the | 


information across their enter- 
prise, whether it’s on EMC 
[disk arrays] or one of our 
competitors’ platforms.” 
Included in the new suite are 
tools supporting data replica- 
tion, collection of information 
about storage resource use and 


= : | 
displays of how much data is | 


allocated to different devices 
(see box). 


The allocation tool “can go | 
| eliminating the need to do 


back and look at storage in the 
context of departments or or- 


investments, said Jill Jenkins, 


|} an analyst at Current Analysis 


Inc. in Sterling, Va. Instead of 
doing big, long-term rollouts, 
Jenkins said, many companies 


| are dividing implementations 


into segments to “solve indi- 
vidual pain points” and get 


| quick returns on investment. 


Hunt Corp., a Statesville, 
N.C.-based distributor of office 


| supplies and graphics prod- 


ucts, recently finished an up- 


| grade to its MFG/Pro supply 
| chain and enterprise resource 


planning (ERP) system from 


| QAD Inc. in Carpinteria, Calif. 


The upgrade will let suppliers 
log in to the system to review 


| their inventory levels at Hunt 


and send shipment confirma- 
tion notices, said Ted Raiman, 
director of supply logistics. 

But those features won’t be 
made available until next year, 


said Raiman, who’s wrestling | 


with a problem involving sup- 
pliers who misidentify items 
or fail to provide proper bar 
codes and labels — snafus that 
can have a big effect on Hunt’s 
supply chain system. 


| One 





| ganizations or applications or 


databases or file systems,” 
North said. “You really begin 
to get storage management in- 
tegrated back to the context 
that people would like to think 
about it — management of ca- 
pacity and availability.” 
Jim Rothnie, senior 
president and chief technology 
officer at EMC, said the tools 
automatically recognize and 


vice 


| begin monitoring new devices 


that get plugged into a SAN, 


manual setup work. D 


“Our processes are mostly 
automated, and any [mistakes] 
put us into a manual mode, 
which slows down the move- 
ment of the materials, poten- 
tially creating production dis- 
ruptions,” Raiman said. Hunt 
has even taken to charging 
some chronic offenders $250 to 
fix their errors, he said. 

Kunkler said Idaho Power 
had hoped to complete by Au- 
gust its upgrade of procure- 
ment software from Pleasan- 
ton, Calif.-based Commerce 
Inc. and ERP software 
from Atlanta-based Indus In- 
ternational Inc. 

The delay is “probably a 
result of us not putting the 
appropriate resources on the 
project,” Kunkler said. She 
added that the utility has had 


| to hold off on adding suppliers 


of production materials to the 
system while work on the up- 
grade continues. D 

chain issues, visit 


ick 
uc our Web site 


www.computerworld.com/q?k2000 


For more news and 
resources on supply 
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OF THE OFFICE 





WORKERS OUT 
OF THE LOOP 


RETURN ON COMMUNICATIONS 


Information is useless if you can’t use it in time. Which means 
your people in the field need the same resources, and the same 


access, that they have back at headquarters. How do you give it 


to them? By turning each employee into a walking branch office. 


AT&T can make it happen. We're experts in setting up secure 


remote-access solutions. Whether your people are across town. 


Or across the planet. 
Want an example? Today, we provide Web and Audio 


©2001 AT&T. 


Conferencing Services for GTECH, a global IT company 
servicing the lottery industry. Now its 4,600 employees can 
send messages or data, access key documents, or share 
applications from any location in 43 different nations. Result: 
GTECH makes decisions faster, and jumps on opportunities 
in real time. 

Want to keep your people close (even when they’re not)? 
Get in touch with AT&T. 





Worldspan, Compaq 
Sign Server Deal 


Atlanta-based Woridspan LP signed 
a three-year deal to buy IT equip- 
ment from Compag Computer Corp. 
for use internally and by travel 
agencies tied into its reservation 
system. Financial terms weren't dis- 
closed. Worldspan, which already 
processes travel transactions on 
Compag’s NonStop Himalaya sys- 
tems, said it will add the vendor's 
ProLiant servers for uses such as 
e-commerce and e-mail. 


Tighter Security 
Planned for Comdex 


Key3Media Group Inc., which is 
organizing the Comdex Fall/2001 
trade show, said it’s tightening se- 
curity for the event, being held next 
week in Las Vegas. Attendees will 
have to pick up their badges in per- 
son, carry valid photo identification 
at all times and allow extra time to 
get through security checkpoints, 
said Key3Media. 


Bush Opposes .kids 
Domain Legislation 


The Bush administration objected to | 


legislation that would force the In- 
ternet Corporation for Assigned 
Names and Numbers in Marina del 
Rey, Calif., to create a .kids top- 
level domain for children’s content. 
Nancy Victory, an assistant secre- 
tary of commerce, told a U.S. House 
committee that unilaterally creating 
the domain would be “at odds with 
the global nature of the Internet.” 


Short Takes 


INTEL CORP. and Sunnyvale, Calif.- 
based ADVANCED MICRO DEVICES 
INC. cut the prices they charge 
hardware vendors for their rival 
high-end microprocessors. . . . IBM 
and MICROSOFT CORP. proposed 
an XML-based specification for de- 
scribing the Web services compa- 


nies offer and how users can access | | 
| are supporting the war against 


the services. 


| rorists,” 
| James King, former director of 
| the 
| Mapping Agency, which is re- 
| sponsible for lifting the fog of 
war with digital mapping and 
imagery 


NEWS 


Private-Sector I'l’ Key 


| Military calls on n companies to help 
develop tools that cut through ‘fog of war’ 


| BY DAN VERTON 
RYSTAL CITY, VA 


S THE WAR against 


terrorism has con- | 
tinued to escalate, 


the IT 


has_ increasingly 


| found itself standing shoulder | 
to shoulder with the military, | 
| that | 
| are critical to eliminating bat- | 


providing technologies 


tlefield confusion, known as 
the “fog of war.” 

“We're going to defeat ter- 
said Army Lt. Gen. 
and 


National Imagery 


support. However, 





| vestment in technology, 


| he said, 
| the full attention of industry.” 


victory will require more in- 
and 
that rests with private industry, 
adding, “It must have 


IT is the “cornerstone” of 
the Department of Defense’s 
| plan to achieve what it calls 


“a: .£ : “ss | 
information and decision su- 


periority” — getting the right 
| information to the right people 
at the right time and in the 
right format, 
| former deputy assistant secre- 
| tary of defense for command, 
| control, communications and 
intelligence and now a mem- 
| ber of the board of directors at 
| Mountain View, Calif.-based 
| Silicon Graphics Inc. “That can 
| only be achieved through a 
| reaffirmation of the govern- 
| ment/industry team,” he said, 
speaking here at the first annu- 

| al SGI Defense Summit. 
Experts say today’s IT indus- 
| try is living up to the standard 
| set by companies like New Or- 
| leans-based Higgins Industries 
| Inc., which designed and built 
| the boats that landed USS. 
troops in Europe during World 
War II. Technology companies 


| terrorism 
| mance 


industry | 


said Art Money, | 





with 
computers, 
visualization software, 
mercial imagery and database 
integration support. 

“To fight the 
have to visualize the enemy,” 
said SGI Chairman 
Robert Bishop. 


The Pentagon’s immediate 


IT requirements include inte- | 
grating its databases, acquiring | 
geospatial data sets with more | 
and higher resolution, 
and developing a conceptual | 
data model that can facilitate | 


detail 


the creation of interoperable 


high-perfor- | 
advanced | 
com- | 


enemy, you | 
| been 
which either stray bombs or | 
| targeting errors have resulted 
in civilian casualties, Pentagon | 


and CEO | 


| process” 


databases, said King. 

“We will not achieve a true 
‘sensor-to-shooter’ [network] 
until databases are interopera- 
ble,” said King, referring to a 
problem that has dogged the 
Pentagon for years and may 
have had a hand in recent tar- 
geting mistakes in Afghani- 
stan. Despite the use of preci- 
sion-guided bombs, there have 
several instances in 


officials have acknowledged. 
For example, Red Cross food 
aid facilities were mistakenly 
bombed twice within two 
weeks. Pentagon officials said 


“human error in the targeting | 


was to blame. Data- 


Visualization Supports Special Forces 


CRYSTAL CITY, VA 
U.S. fighter pilots and the mili- 
tary’s Special Forces are preparing 
for missions in Afghanistan and 
elsewhere using advanced visual- 
ization technologies that provide 
amazingly accurate virtual models 
of buildings, cities and terrain. 

The Navy has deployed a 3-D 
visualization software tool devel- 
oped by Bethesda, Md.-based 
Lockheed Martin Corp. called 
Tactical Operationa! Scene (Top- 
Scene) aboard several U.S. Navy 
aircraft carriers that are now sup- 
porting raids against terrorist tar- 
gets in Afghanistan, experts said. 

TopScene, which runs on com- 
mercial, high-performance com- 
puters designed by SGl, integrates 
real-world satellite imagery, hand- 
held photography, and video with 
Digital Terrain Elevation Data to 
produce realistic 3-D pictures that 
are accurate to within less than 
1 meter. Pilots and soldiers are 
able to use the system to fly or 
walk through a virtual representa- 
tion of the exact location to which 
they are being sent to conduct 
operations. 

“They order imagery like they 
do ammunition,” said Bob Mace, 
an executive at Fairfax, Va.-based 





Anteon Corp. who serves as 
deputy program manager for mis- 
sion rehearsal at the Navy's Top- 
Scene program office in Patuxent 
River, Md. Mace demonstrated the 
system here at the 
first SGI Defense 
Summit, sponsored 
by SGI and seven 
other IT companies. 

The system was 
also used during the 
1999 war in Kosovo. 
And an imagery and 
terrain database of 
Yemen was built in 
only two days after 
terrorists detonated 
a bomb that nearly 
sunk the Navy de- 
stroyer USS Cole, 
Mace said. Since then, TopScene 
4000 systems, which run on SGI 
Infinite Reality high-performance 
computers, have become standard 
equipment on every aircraft car- 
rier, Mace said. 

Special Forces, which are oper- 
ating on the ground in Afghani- 
stan, have a 3-D urban visualiza- 
tion tool at their disposal called 
RealSite. Developed by Mel- 
bourne, Fla.-based Harris Corp., 
RealSite was used by security 





ANTEON’S BOB MACE 
demonstrated TopScene 
at the Defense Summit. 
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| base problems and human er- 
| ror also led to the 
| bombing of the Chinese em- 
| bassy in Kosovo in 1999, 


In War on lerrorism 


| in one system have in the past 
| been read as “enemy” 
| said Robert Hutten, deputy di- 


accidental 


Part of the problem is that 
objects labeled as “unknowns” 


in others, 


rector for strategic plans and 
policy at the Defense Informa- 
tion Systems Agency, the Penta- 
gon’s network provider. 

The Marines pian to develop 
portable unmanned aircraft that 
can transmit real-time digital 
video of targets to help avoid 
but bandwidth re- 
mains a challenge, officials said. 

“A lot of the requirements are 
not technologically doable” at 
the present time, said Hutten. 
“There’s a lot of work for in- 
dustry.” D 


Quick 


Link@ tre 


mistakes, 


For more infor- 
mation, visit our 
Washington special 
focus page online 


forces to plan where to position 
monitoring equipment and per- 
sonnel during the Summit of the 
Americas in Quebec in April. It has 
also been used to prepare for the 
Olympics in Salt Lake City and to 
study the aftermath of the Sept. 11 
attacks in New York. 

Harris developed 
the imagery data- 
base for the Olym- 
pics security plan- 
ning in one week 
and produced virtual 
walk-through scenes 
of 3,000 buildings 
in New York in two 
days, said Joe 
Nemethy, Harris’ 
RealSite product 
manager. Harris is 
currently working 
with the city of Orlan- 
do on security planning and with 
the Pentagon's National Imagery 
and Mapping Agency to produce 
models of every major port facility 
in the U.S., said Nemethy. 

“Collaborative visualization” is 
the key to teamwork, said SGI 
Chairman and CEO Robert Bishop. 
He said these technologies could 
also benefit private industries, in- 
cluding the manufacturing, energy, 
medical and media industries. 

~ Dan Verton 
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RETURN ON COMMUNICATIONS 


Knowledge in your supply chain: It can be a source of 

income or aggravation, depending on how seamlessly your 
: network works with others. 

That’s where AT&T comes in. We know network integration. 

And we know how to make complex supply chains work. 

Want proof? For Safelite Auto Glass we link over 


500 salespeople with more than 60 insurance companies, 


200! AT&T. 


675 retail stores, 80 warehouses and 3,000 mobile vans. 
So Safelite secures vital insurance claim information 
quickly, and keeps track of 2.6 million customers a year. 
Which shows that the right investment in your 
communications gives you returns worth shouting about. 
Need to make your network a better communicator? 
Talk to AT&T. 


— 
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New Rules 


ulations to be drafted within a 
year that will set standards for 
customer verification and fi- 
nancial records 
And the government has nine 
months to develop a 
network to be used by firms to 
share information with federal 
authorities. 

The financial services com- 
ponent of the antiterror law is 


production. 


secure 


primarily aimed at detecting 
money laundering. Banks that 
now track deposits of more 
than $10,000 may be required 
to examine lesser amounts and 
pull together records quickly 
for investigators. 
One challenge 
said Mark 
privacy officer at Providian Fi- 
nancial Corp. in San Francisco, 
will be tracking international 
deposits, which currently get 
far less scrutiny than domestic 
transactions. Bank transaction 
systems may have to be repro- 
grammed to collect data when 
a wire transfer to an offshore 
account is executed, he said. 


for banks, 


“We may have to increase re- 
tention of those types of trans 


actions,” said Loewenthal. “If 


we have to track all transac- 
that will be- 
more cumber- 


tions overseas, 


come even 
some.” 
Until the regulations are 
drafted, it’s impossible to know 
exactly what will be required 
of companies. But based on the 
open-ended language, 
the extent to which systems 
will need to be upgraded could 


be 


law’s 


substantial, according to 
analysts, corporate executives 
and industry groups. 


Costly Due Diligence 

“The new law is going to put 
upfront, 
know-your-customer, due-dili- 
gence activities, and that’s got a 
huge Breffni 
McGuire, an analyst at Need- 
ham, Mass.-based TowerGroup. 

One provision in the law 
calls for a federally mandated 
minimum standard for verify- 
ing a customer’s identity. It 
might not be enough anymore 
for a bank employee to take a 


more emphasis on 


cost,” said 


Loewenthal, chief 


| 


quick look at a driver's license 
before opening a customer ac- 
count. Real-time verification 
of the license against public 
records may be required, along 
with the ability to scan and 
save copies of customer identi- 
ty documents. Biometric 
quirements are also possible. 
“Biometrics is a slow-mov- 
ing train, but a train nonethe- 
less. This may accelerate it,” 
Peter Browne, former 
head of information security at 
Charlotte, N.C.-based First 
Union Corp., who now is the 
head of New York-based Pre- 


re- 


said 


dictive Systems Inc.’s security 
practice. 

Regardless, Browne warned 
that background checks and 
real-time communications are 
“going to add cost and time.” 

The law gives regulators a 
lot of latitude. But IT man- 
agers, such as Richard Snipes, 
vice president of technical ser- 
vices at Washington Mutual 
Inc. in Seattle, the 
ninth-largest bank, 
nothing now but wait for guid- 


nation’s 


can do 


Continued from page 1 


Stock Trades 


citing the terrorist attacks on 
the U.S. and the fact that many 
brokerage houses and banks 
are focusing more on business 
continuity planning than on 
shortening settlement times. 
But not everyone is convinced 
that T+1 will happen by 2005 — 
or at all, for that matter. 

“I don’t know if it’s doable by 
2005. There are going to be a 
lot of issues that will come up,” 
said Steven Schutze, director 
of e-strategies at the American 
Bankers Association in Wash- 
ington. “We're still rethinking 
things like the reliance on the 
infrastructure outside the fi- 
nancial industry: 
telecommunications, airplanes 
and mail, things like that.” 

Schutze’s were 
echoed by other financial ser- 
vices IT managers who ques- 
tioned whether 24 hours is 
enough time to correct com- 
mon errors in a trade, such as 
misplaced decimal points or 
numbers, and __ especially 


services 


concerns 


NEWS 


ance. “The business unit will 
eventually make a decision on 
what's that 
obligation,” Snipes said 

Companies usually have a 
much better of idea of what to 
expect from regulators. If not 
for the current crisis, this law 
would have likely taken years 
to and it 
would have been fully vetted at 
hearings and forums. 


needed to meet 


pass, not weeks, 


Industry Support 

Despite the 
about the 
pact, it has won support from 
trade groups representing fi- 
nancial services firms. Indus- 
try work 
closely with regulators, who as 
part of the rule-making proc- 
ess are required to seek input 
from companies affected by 
the law. 

“While this is going to add 
some new regulatory require- 
ments, we are willing to take 
on those requirements because 


uncertainty 


law’s ultimate im- 


groups expect to 


we share the goal . . . of eradi- 


cating money laundering,” said 


whether one day would be 
enough time to 
back up and running in the 
event of another disaster like 
the Sept. ll terrorist attacks. 
The 
change Commission is pres- 
suring the financial services 
industry to clear and settle all 
trades within 24 The 
last time IT systems were en- 
to speed up clearing 
and settlement was 1995, when 


get systems 


Securities and Ex- 


hours. 
hanced 


processing time was reduced 
from five days to three. 

Among other things, T+] 
would reduce settlement risks 
and resolve open credit exten- 
sions created by waiting three 
days. 

Clearing and settlement is a 
complex process that involves 
he seller and the buyer regis- 
tering a transaction with a cen- 
tral clearing organization, such 
as The Depository Trust & 
Clearing Corp. (DTCC) or the 
New York Clearing House. The 
buyer and seller then have to 
reconcile their accounts, and 
any errors have to be corrected 
in a process that can involve 
half a dozen people. 

“In a major disaster, being 
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-Enlisting Banks in the Fight 


The antiterrorism legislation approved by President Bush on 

Oct. 26 requires regulators to come up with rules to extend the 
“long arm” reach of authorities to pursue terrorists and money 
launderers. Based on the law’s broad language, regulators will be | 
writing new rules for financial services firms on these issues: 


TIMELY RESPONSE 


Financial institutions will get five days to respond to requests for information 
from authorities. That may seem generous, but it isn't necessarily enough time 
for a large multinational bank with many foreign business operations and 


disparate systems. 


_ VERIFICATION OF IDENTIFICATION 


This sweeping, open-ended provision calls for minimum standards to deter- 
mine customer identity. It's up to regulators to determine how this is done. 


The law includes a range of anti- money-laundering provisions that will require 
banks to improve their ability to spot suspicious activity. 


PL ak) 


The government will have nine months to establish a secure network over 
which financial services firms can file suspicious-activity reports. 


Lisa McGreevy, director 
government and public affairs 


at The Financial Services 


forced to settle that day is a 
major issue,” said Ed Alsberg, 
information 
tions director at the New York- 
based DTCC. 


systems opera- 


Damaged Lines 

The Bank of New York Co., 
which is the only major clear- 
ing firm that houses its opera- 
tions in downtown New York, 
faced major difficulties getting 
trades settled after Sept. ll. 
The problems didn’t involve 
settlement systems, but rather 
the transmission of settlement 
data through telecommunica- 
tions lines that had been cut or 
damaged. As a result, the trans- 
fer of settlement instructions 
was slowed, according to Meri- 
dien Research Inc. in Newton, 
Mass. 

“To get from T+5 to T+3, you 
hire more people. To get from 
T+3 to T+, you really have to 
be automated,” said Deborah 
Williams, a research analyst at 
Meridien. “I don’t think it is 
one issue. There are hundreds 
of some small and 
some large, revolving around 
ensuring that trades settle 
quickly and accurately.” 


issues, 


of 





Roundtable in Washington. 
That group represents the top 
100 financial services firms. D 


One key technology hurdle 
facing settlement and clearing 
is straight-through processing 
(STP), a technology infrastruc- 
ture and business processes 
that link brokerages, clearing- 
houses and banks. STP would 
provide a nonstop flow of in- 
formation from trade execu- 
tion to settlement. 

Larry Tabb, an analyst at 
Needham, Mass.-based Tower- 
Group, said T+ is “the right 
thing to do,” but he added that 
STP issues have to be resolved 
first. 

For example, Tabb said, U.S. 
firms need to link into an inter- 
national TCP/IP network be- 
ing established by the Global 
Straight Through Processing 
Association, a financial ser- 
vices industry group that fo- 
cuses on cross-borrder securi- 
ties transactions.. 

“The other issue would be 
creating a process around data 
efficiency — consistent cus- 
tomer databases and settle- 
ment instruction databases,” 
Tabb said. “You need to create 
one system that repopulates 
that information in a master 
database.” D 





E4nfostructure” 


Stretching the limits of your data storage systems? 


DS 


eds.com 


EDS Intelligent Storage Services, with the burstable capacity of Liquid Storage”, can tame your most volatile e-business 
flows with confidence, without bursting limited capital budgets. Intelligent Storage Services, offered by EDS and 
other service providers digitally powered by EDS, gives you the storage capacity you need, when you need it. 
Call us at 888-889-1392, or visit us online at eds.com/storage, before your current system leaves you all wet. 
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Security ROI Calculations 
Pose Challenges for Users'| 


Business- oriented approach recommended, 


but meaningful measurements can be elusive | 


BY JAIKUMAR VIJAYAN 


WALTHAM, MA 


NFORMATION 
gy managers 
looking to justify their 
security spending would 
be better off presenting 

the issue as a 

a technical one, according to 

security analysts who spoke at 

a seminar here last month. 

The business-oriented ap- 
proach offers a way to demon- 
strate achievable returns on se- 
curity investments and 
companies plan their security 
spending more strategically, 
the analysts said (see box). 

But the problem, according 
is that there aren't 
many obvious ways to measure 


to users, 


Users Eye Sel 


Automated tools for 
diagnosing network 


ills still maturing | 


BY MICHAEL MEEHAN 
To cope with applications that 
are greedy for IT resources 
and the rise in business being 
online, 


done some 


trying to make their server net- | 


flexible and self- 
healing. But analysts cautioned 
that system management tools 


works more 


designed to address the prob- | 


lem are still in their infancy. 
For example, Cooper Indus- 

tries Inc., 

of tools 


installing software 
Mateo, Calif.-based MetiLinx 


Inc. that monitors server func- | 


technolo- 
who sare | 


fundamental | 
business problem instead of as | 


lets | 


users are | 


a $4.5 billion maker | 
and electrical prod- | 
ucts, is looking to ease its net- | 
work performance issues by | 
from San | 


the ROI of security efforts. 
“We have talked about how 


we're going to measure ROI 


with the finance people, and 


we haven't come up with any 
said Matt 
Kesner, chief technology offi- 
cer at Fenwick & West LLP, a 
law firm in Palo Alto, Calif. 
Fenwick & West learned the 
value of tightening IT security 
firsthand after its Web site was 
taken down by a virus earlier 
this year. The firm plans to in- 
crease its security spending by 
100% year 


good measures yet,” 


next 


budgeted for regular audits of | 
Kes- | 
There's a realization | 


its security capabilities, 
ner said. “ 
for the first time that security 
has a direct bearing on the 


business,” he added. 


tions and automatically 
routes processing work to oth- 
er systems if problems arise. 

MetiLinx just added the re- 
routing capability last month, 
releasing a tool that’s supposed 
to be able to optimize server 
performance across multiple 
tiers of a corporate network. 
Its software was previously 
limited to diagnosing server 
resource problems and recom- 
mending corrective actions to 
systems administrators. 

Terry Klebe, chief IT officer 
at Houston-based Cooper In- 
dustries, said MetiLinx’s iSys- 
tem Enterprise technology will 
replace a more piecemeal ap- 
proach to systems monitoring 
and management that’s based 
ona hodgepodge of tools. 

Financial applets being used 
at branch offices are slowing 
Cooper’s network due to a lack 
of available bandwidth, Klebe 


and has also | 








In most cases, security 


spending usually rises only af- | 


ter major incidents, according 


to a survey released in March | 


by IDC in Framingham, Mass. 
The toughest part about jus- 


tifying investments is trying to | 
assign a dollar value to the lev- | 


el of security ne¢ 
company safe, said an IT man- 
ager at a major New York- 
based financial services firm 
who asked not to be named. 


eded to keep a 


Pulling Numbers From Thin Air 
“The major problem right 
is that we don’t have a 
good feel for what the 
risks are and the costs [that 
are] associated with these risks 


now 
real 


— so that any numbers we plug |: 


into [ROI] models would be 
pulled from thin air,” he said. 


One way around that prob- |: 
lem is to stop viewing IT secu- | 


rity as something that simply 
involves 


re- | said, adding that the problem is | 
| being compounded by e-busi- 
| ness applications and a 


new 
The compa- 
ny’s other option for a cure was 
to build three times the needed 


data warehouse. 


processing capacity for every | 
| said most established systems 


new application, he said. 
“We ran several scenarios on 


Keep on Running 


plugging holes, in- | 


| bers scared me,” 


stalling firewalls and reacting 
to the latest viruses, said Chris 
Wysopal, an analyst at Cam- 
bridge, Mass.-based @Stake 
Inc., which organized the semi- 
nar along with Bedford, Mass.- 
based RSA Security Inc. 


~ dustifying Security | 


The emphasis of REACTIVE 
security is to: 

> Justify fear 

> Restrict applications 

» Emphasize prevention 

» Apply technical solutions 
The emphasis of STRATEGIC 
security is to: 

» Justify ROI 

» Enable applications 

» Emphasize accountability 


» Foster business and 
technical solutions 


-Healing Systems Management Software 


that, and the [financial] num- 
Klebe said. 
think we 
hardware costs 
| 30% [using the new tools].” 

Dan Kusnetzky, an analyst at 


“Conservatively, we 
can cut new 


IDC in Framingham, Mass., 


management tools can’t easily 


Cooper Industries is looking to optimize its network server 
systems to prevent performance problems. The MetiLinx soft- 
ware that it’s installing includes these features: 


> System-level objects that analyze the performance of each 
server and communicate that data to all the other linked 


nodes on the network. 


> Real-time process redirection capabilities at each network 
node based on system-level object data and end-to-end 
availability of system resources. 


» Network management and planning tools that can be used to set 
performance alarms on systems and to collect processing 
data for use in fine- ane network Srenitrneretee. 


| central 


| added. For example, 
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Instead, Wysopal said, secu- 
rity should be presented as a 
business that 
needs to be addressed at the 
start of IT projects. 

Potential cost savings from 
| that approach can be used to 
| demonstrate ROI, Wysopal 
@Stake’s 
research that compa- 
nies that focus on security is- 


issue 


shows 


| sues during the project design 


stage typically spend 60 to 100 
times less than businesses that 


| try to fix problems during later 


implementation phases or af- 
ter a system has gone into use. 

Sean Nolan, CIO at online 
retailer Drugstore.com Inc. in 
Bellevue, Wash., said security- 
related investments should be 
looked at more as a cost of do- 
ing business than in terms of 
the ROI they can generate. 

But no matter how security 
I think it’s clear that 
focusing [on it] early is going 
to be far cheaper than the al- 
ternative,” Nolan said. Putting 
that idea into practice., Drug- 
store.com has developed re- 
usable procedures and code li- 


is viewed, “ 


braries for building security 


features into its systems right 


| at the design stage, he said. D 


handle the applications-driven 
performance problems faced 


| by IT managers. 


Users typically need to write 
custom scripts to work around 
server snares on their 
works, Kusnetzky said. Only a 
few small vendors, including 
MetiLinx and Billerica, Mass.- 
based SilverBack Technologies 
Inc., have developed tools 
aimed at automating network 
optimization, he added. 

Ed Wood, network adminis- 
trator at the Tennessee Valley 
Authority (TVA) in Knoxville, 
said he’s also trying to cope 
with the impact of bandwidth- 
hogging distributed applica- 
tions. “The programmers are 
far less network-sympathetic 
than they used to be,” he said. 
“They must think we've got 
unlimited resources.” 

Problematic applications cre- 
ate a ripple effect across the 
TVA’s network, resulting in 
more potential points of failure 
that need to be closely moni- 
tored, Wood said. D 


net- 
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LAUNDRY INSTRUCTIONS q aN ; 
1. Install filter with your firewall, i , 
cache engine, or proxy server. 7 rs 
2. Forget about it. i 


inspected by our partners: 
© 
GA CHECK POINT” & 


Software Technologies Lid. NetworkAppliance’ Wer Scatew 


Websense is the simplest, most transparent Web filtering tool around. And 


the most recommended. Ask your systems integrator. Ask your 


consultant. Heck, call our partners direct. You'll find out why Websense is 
installed in companies as small as 50 people, yet covers more than 


250 Fortune 500 firms. Comprehensive reporting. Automatic nightly ) www.websense.com 
updates. Scalability up to 100,000 users. And filtering flexibility to satisfy \_ WE SENS EE 


; ; = 4 ' EMPLOYEE INTERNET MANAGEMENT 
your CEO's every quirk. Best of all, it’s self-cleaning. So you won't have to get 


your hands dirty. Try it at www.websense.com. NASDAQ: WBSN 
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Over a dozen Wintel servers? 
Or one Sun Fire V880 server? 


The servers keep piling up. You need 


more power to support your enterprise, 


but each Wintel server adds to your 


management complexity and overhead 


costs. And consolidation? Too expensive. 


Well, with the Sun Fire” V880 server 
from Sun, our new 2- to 8-way, 750MHz 
entry server, you can afford to 
consolidate those dim-bulb Wintel 


servers and dramatically reduce the 


cost and complexity of your infrastructure. 


How good is it? Well, you can consolidate 


more than a dozen Wintel servers 


onto a single Sun Fire V880 server. 


(No, it’s not a typo.) 


introducing 
the New 
Sun Fire” V880 
Server 


A smart machine 
deserves a smart price. 


The V is for value, and it shows. For 
up to 47% less than a comparably 
configured Wintel server, the hardware 
savings of the Sun Fire V880 server 
is just the tip of the iceberg. By 
consolidating with the Sun Fire V880 


server, you'll also save big on adminis- 


tration and the software licensing fees 
that come with each and every Wintel 


server you run. And unlike Windows NT, 


there is no costly rebooting (bet that 
sounds good). This is just the beginning 
of a whole new V series of Sun Fire 
servers that brings you incredibly smart 


products at competitive prices. 


Consolidate with the 
new entry server that 
costs up to 


47% less 


than an NT server. 


Big brains in a little box. 


The Sun Fire V880 server runs or 

the award-winning, incredibly stable 
Solaris” Operating Environment-—rated 
the #1 UNIX’ OE by D.H. Brown Associates. 
And because it’s built to enterprise-level 
standards (with scalability that beats 
the pants off any NT-based server), you'll 
get increased system performance and 
the reliability and security that make it 
perfect for consolidating your database, 
mail, ERP, ecommerce or Web applications 
All in all, a great enterprise-class server 


for your workgroup. 


Better Performance, Better Price” 


$55,261 


$37,260 


With Sun, things are 
simple, end to end. 


By designing your enterprise around 
Sun servers, you actually build in 
simplicity at every level. That’s because 
Sun servers run on the Solaris/ SPARC 
architecture, making them compatible 
from the smallest box to the largest 
servers. Which means you can 
use the same applications, tools, 
administration and resources up and 
down your enterprise, radically cutting 
the complexity and costs of your entire 
infrastructure. For more information 
about the Sun Fire V880 server, visit 
an authorized Sun reseller or go to 


www.sun.com /sunfirev880servers. 
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NEWS 
Users Look to Harness PCs 
For Big Processing Jobs 


New distributed computing technologies target 
extra CPU cycles for supercomputerlike effect 


BY JAMES COPE 
OME LARGE that 


do heavy-duty data crunching 


COMPANIES 


are turning to new distributed 
computing technologies that 
tap unused CPU cycles from 
networked PCs. They hope to create 
the kind of processing power typically 
provided by supercomputers and serv- 
er clusters 
Upgrades of distributed processing 
systems supporting scientific applica- 
tions and other data-intensive programs 
were announced in the past two weeks 
by Austin, Texas-based United Devices 
Inc. and New York-based DataSynapse 
Inc. A third vendor, Entropia Inc. in San 
Diego, also sells such technology. 
Brokerage and investment services 
firm Wachovia Securities Inc. has al- 
ready found the distributed approach 
to be a big timesaver on financial mod- 
eling and analysis jobs for its fixed- 
income derivatives business. 
Joe Belciglio, managing director of 


trading technology at the subsidiary of 


Charlotte, N.C.-based Wachovia Corp., 
said an earlier version of DataSynapse’s 
technology is being used to grab extra 
processing time from 50 PCs. “We've 


seen things that used to take two to two 


and a half hours cut down to 20 min- 


utes,” Belciglio said. 
Belciglio wouldn’t comment on what 
it cost to put DataSynapse’s system in 


| place but said the technology was gen- 


erally more cost-effective than buying 
dedicated systems to do the modeling 


and analysis work. Using existing PCs 


infrastructure mainte- 
nance needs, he added. 
DataSynapse’s LiveCluster, United 


Devices’ MetaProcessor and Entropia’s 


also reduces 


namesake technology all include server- 
based software that manages software 
agents or client-level code installed on 
various PCs. The agents work in the 
background and don’t slow down the 
primary user of a PC, according to the 
vendors (see chart). 


Different Approaches 

Swiss pharmaceuticals manufacturer 
Novartis AG is testing the products 
made by United Devices and Entropia. 
Juergen Basse-Welker, director of glob- 
al IT at Novartis, said the Basel, 
Switzerland-based company hopes to 
use “theoretically as many as 50,000” 
PCs on its networks to run biological 


The Best Instructors and 
SERVICE, SERVICE, SERVICE 


Northeast Training Group, Inc.'s mission is to be the 


premier solution provider to the productivity problems that keep 


Information chnoloc Nanage awake a ah 
ormation Technology Managers awake at night 


Over 200 Instructors 


Technical skills training hardware & software 
Business Systems Analyst Curriculum 


Management Training 
Soft skills 


We'd like to get to know you and we'd like you to get to know us. 
Call or email Sue Goldberg or visit our web site 
PHONE: 617.469.5557 


emai: Sgoldberg@NortheastTrainingGroup.com 
Wes SITE: www.NortheastTrainingGroup.com 


simulations and biochemical-com- 
pound profiling applications. But a big | 
drawback is the lack of packaged scien- 
tific applications that have been de- 
signed to run on the distributed pro- 
cessing platforms, Basse-Welker said. 
San Diego-based Accelyrs Inc. last 
week announced plans to adapt its sci- 
entific software for use with MetaPro- 
cessor. But Scott Kahn, a senior vice 
president at Accelyrs, said the PC- 
based distributed model won't replace 
the need for supercomputers and dedi- 
cated server clusters on applications 
that require massive amounts of pro- 
cessing involving a matrix of related 
variables. The distributed approach is 
best suited for computations that can 
be split into separate pieces, Kahn said. 
Mike Swenson, an analyst at IDC in 
Framingham, Mass., said the financial 
benefits of the new technology are an- 


other uncertainty. United Devices plans | 





Scaling Systems 
‘APriority for New 
Red Cross Cl0 


A month before the Sept. 1] terrorist at- 
tacks on the U.S., Thomas Schwaninger | 


joined The American National Red 
Cross relief agency as its CIO. Schwan- 
inger recently spoke with Computer- 


| world’s Todd R. Weiss about how the at- 


tacks have affected IT plans at the Wash- 
ington-based organization. 


| Q: What has changed for the American Red | 


Cross since the terrorist attacks? 


| A: As I was coming in the door, I was 


thinking about what are the strategies, | 
what are the long-term architectures | 


{needed] to support our mission? Cer- 


tainly, what we've seen in this case of 
Sept. ll is the need to continue those 
strategies ... in many of the ways we'd 
originally planned, but to add in [more] 
scalability. 


Q: What kinds of changes do you see being 
made to improve your IT redundancy? 

A: Some of the things we’re doing in- 
clude testing selected portions of our 
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How It Works 


The MetaProcessor distributed com- 
puting technology developed by Unit- 
ed Devices includes several different 
components that tap unused process- 
ing resources on PCs: 


@ 
8 


8 


Software agents are distributed over 
a corporate network to desktop PCs. 


Systems or network administrators 
schedule processing tasks from a cen- 
tral console. 


The agents do background process- 
ing work using the extra CPU cycles on 
the PCs where they reside. 


A management server connected to 
the network directs and monitors the 
work of the agents. 


A database installed on a separate 
9 server collects and aggregates infor- 
mation processed by the PCs. 
to charge $250 per utilized PC for 
MetaProcessor, a rate Swenson said 
could be expensive for some companies 
if the technology is implemented on 
several thousand or more PCs. 9 


disaster recovery plans, building more 
capacity in our backup sites, and we’re 
increasing security in our IT functions. 
We've also added a lot of capacity just 
in terms of existing systems to get scal- 
ability up to the order of five to 10 times 
what we normally see. 


Q: What other kinds of improvements will 
be made? 


| A: It also expands to applications we 


have that track the volunteers who are 
working on-site [at] a disaster, applica- 
tions that track funding and gifts we 
provide to victims, [and] applications 
within our own logistics and control 
systems that make sure we're getting 
supplies to a disaster site. There’s a 
whole range of applications that sort of 
support people behind the scenes, [and 
we're] making sure they are scalable 
and working — and also making sure 
that those applications are available to 
people in the field, wherever they are. 


Q: What about communications with disas- 
ter workers? 


| A: We’ve been working on alternative 


ways such as satellite-based, as well as 
things that are more traditionally de- 
ployed. Our general strategy on that 
front is to have multiple avenues, multi- 
ple pathways that people can use to get 
connectivity. We'll use whatever is 
available to use. D 
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NEWS 
IBM Hopes Acquisition | 
Will Boost WebSphere 


Purchase of CrossWorlds matches BEA’s 
focus on enterprise application integration 


BY MICHAEL MEEHAN 
BM LAST WEEK TRIED to 
one-up application serv- 
er rival BEA 
Systems Inc. through a 


software 


$129 million deal under | 


which it will acquire Cross- 
Worlds Software Inc., a devel- 
oper of enterprise application 
integration (EAI) technology. 
IBM and San _ Jose-based 


BEA, the top two application | 


server vendors, are both look- 
ing to redefine the terms of en- 
gagement by combining their 
products with EAI tools that 
let users tie together applica- 
tions and business processes. 
BEA released a set of Java- 
based integration tools tied to 
its WebLogic server in July. 
Last week, IBM said it plans to 


merge the EAI software of- 


fered by Burlingame, Calif.- 
| based CrossWorlds with 
WebSphere application server. 


The CrossWorlds and Web- | 


| Sphere products are already 
integrated through a partner- 
ship deal, and CrossWorlds 
built the messaging capabili- 


ties in its software on top of 
Integrator | 


| IBM’s MQSeries 
| middleware technology. 


| nize internal business process- 


es for users, said Steve Mills, | 


its | 


Now CrossWorlds will be di- | 
| rectly used by IBM to harmo- | 


said IBM faces a stiff challenge 


| in forming a cohesive whole 


from WebSphere and Cross- 

Worlds. But there should be 

significant user interest if IBM 
| can pull it off, he added. 


CrossWorlds 
- Software Stats 


Key details about the EAI 
vendor include the following: 
Third-quarter financial 
results: $1.5M loss on 
revenue of $21.7M 
Number of employees: 
About 350 


| senior vice president in charge | 


| of IBM’s software unit. Future | 
WebSphere releases will pro- | 
vide a central point of control | 


| for all applications within a 
company, Mills said. 


| 
| Jon Derome, an analyst at | 
| 


The Yankee Group in Boston, 


Sun Targets Low-End Server 
At Windows-Based Boxes 


Competition drives 
new marketing plan 


BY TODD R. WEISS 

In a move that puts a new 
twist on its low-end server 
strategy, Sun Microsystems 
Inc. last week unveiled an 
entry-level Unix system that 
takes direct aim at machines 
running Windows on Intel- 
based hardware. 

The Sun Fire V880 is posi- 
tioned to go head-to-head with 
low-priced Wintel servers, Sun 
officials said. They acknowl- 
edged that increasing pressure 
from rivals offering those sys- 
tems prodded Sun to take a 


more overt marketing ap- 
| proach in the low-end niche. 


branded them that way,” said 
Benjamin Baer, strategy man- 
| ager for the company’s volume 
systems products. “We are 
very much going to address 
this lower end of the market 
[now]. We’re not going to back 


perception in the market that 
we're expensive.” 

The V880 starts at $29,995 
with two of Sun’s UltraSPARC 
III processors and can support 


memory, according to Sun (see 
box). Prices top out at about 
$120,000. 





“Sun has always had entry- | 
level servers, but we haven't 
| Giga Information Group Inc. in | 


away [just] because there’s a | 


up to eight CPUs and 32GB of 


Number of user imple- 
mentations: About 100 


Major customers: Cater- 
pillar Inc., Dow Chemical 

Co., Du Pont Co., Ingersoll- 
Rand Co., Whirlpool Corp. 


According to analysts, the 
new low-end strategy is aimed 


dampened by the weak econo- 
my. The move follows a $180 


during the quarter that ended 
Sept. 30. 
Adria Ferguson, an analyst at 


| Cambridge, Mass., said Sun 
needs to change its reputation 
| as “solely a high-end server 
vendor” in order to compete 


Sun Fire V880 


Sun’s new entry-level server 

includes the following features: 

ws Two to eight 750-MHz UltraSPARC Ill 
processors 





wPricing starting at $29,995 


competitive landscape in the 
application server market if 
they’re Derome 
“Customers will start 
wanting unified offerings, and 
other vendors will have to fig- 
ure out a way to offer [them].” 
According to a report re- 
leased in June by Framingham, 
Mass.-based IDC, BEA had 18% 
of the worldwide application 
server market last year. IBM 
was next with 15.4%, IDC said. 
Morgan Gerhart, an analyst 


successful,” 


said. 


| at Meta Group Inc. in Stam- 


“It really starts to change the | 


ford, Conn., said both IBM and 


| BEA have the right idea in try- 


ing to leverage their applica- 


| tion servers for EAI uses. 


“What we see is that the ap- 


| plication server really evolves 
| into the next form of the oper- 


| ating system,” Gerhart 
“That'll be 


said. 
your foundation, 
and then you get your business 
processes and [software infra- 


| structure] built on top of it.” 
| But he estimated that it will 

take two to four years for ven- 
| dors such as BEA and IBM to 


realize that vision. 
IBM said it will fold Cross- 


| Worlds into its own business 


integration software division 
and continue technology in- 
| vestments planned for current 


at helping Sun preserve its | 
server market share at a time 
| when IT spending has been | 


users of the EAI tools. D 


more effectively against Intel- 
based server vendors. 

Sun is “going to have to be 
increasingly price-competi- 
tive,” said Jean Bozman, an an- 
alyst at Framingham, Mass.- 


| based IDC. “If they end up be- 


| million loss that Sun suffered | 


ing more expensive on an | 


| equivalent-type platform, then 


| more 


they’re more in danger of los- | 
| and NaviSite Inc. subsidiaries. Com- 


ing market share to Windows 
Intel [vendors].” 

For users, the V880 adds 
system resources and 


| supports twice as many pro- 





cessors as were offered with 


Sun’s earlier low-end servers, | 


Ferguson said. 


But one potential issue, she | 
added, is that vendors often | 
price applications based on the | 


number of CPUs on a server. 
That could be a red flag for 
users, since Unix applications 
are typically more expensive 
on multiprocessor 


Ferguson said. D 


systems 
than Windows-based software, | 


Comdisco lees to | 
New Offer From HP 


Rosemont, Ill.-based Comdisco Inc. 
agreed to sell its disaster recovery 
services unit to Hewlett-Packard 
Co. for $750 million, three weeks 
after it dropped an earlier deal with 
HP in favor of an $825 million offer 
from SunGard Data Systems Inc. 
that later became the target of an 
antitrust lawsuit by the U.S. Depart- 
ment of Justice. But Wayne, Pa.- 
based SunGard filed a motion op- 
posing Comdisco’s new deal with 
HP, which still needs to be approved 
by a U.S. Bankruptcy Court judge. 


ee ra 


Judge Lets Imation 
Sell DLT Cartridges 


A California state court judge ruled 
that Oakdaie, Minn.-based Imation 
Corp. can continue to sell its new 
Digital Linear Tape (DLT) cartridges 
pending the outcome of a legal bat- 
tle with Quantum Corp., which owns 
the DLT technology. But the judge 
ordered Imation to pay a 30% roy- 
alty to Milpitas, Calif.-based Quan- 
tum on its cartridge sales. 
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Compaq, CMGI Sign 
Deal on Debt, Venture 


Compaq Computer Corp. agreed to 
restructure about $220 million in 
debt owed to it by Andover, Mass.- 
based CMGI Inc. and that compa- 
ny’s majority-owned AltaVista Co. 


pag will receive $82 million in cash 
and stock from CMGI and take over 
full ownership of Houston-based 
B2E Solutions LLC, a joint software 
venture with CMGI. 


PRA, DY RENE ETT ee 


Short Takes 


Paris-based ALCATEL reported a 
$502 million third-quarter net loss 


| and said it plans to lay off 10,000 


more workers throughout its Euro- 
pean operations. . . . Farmington 
Hills, Mich.-based COMPUWARE 
CORP. named Tommi White as its 
chief operating officer. 
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NEWS 


MARYFRAN JOHNSON 


National ID: Bad Idea 


WAS STANDING at yet another airport security checkpoint last 


week, arms held wide, 


patience fraying, while a stern-faced 


security guard pressed 9 metal detector all over me. Foiled 
again by an underwire bra, which apparently marks me as a 
suspicious subject for overtuned alarm systems. Five pat-down 


searches in three days of travel. 

One effect of these close encounters 
was to spark a keener interest on my 
part in the clamor about national ID 
cards, which a majority of Americans 
support in the aftermath of Sept. 1, 
despite continuing opposition from 
the White House. Proponents of this 
politically charged idea claim that the 
ability to breeze through airports in 
the “ could be among the 
many benefits of such a Big Brother 


MARYFRAN JOHNSON is 
editor in chief of Comput- } 
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her at maryfranjohnson@ | 
computerworld.com. i 
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fast lane” 


verification program. So I can certain 
ly see the appeal. — 
Ironically, my travels were taking me to and 
from a computer security conference in Washing- 
ton. What better place to see if technology is real- 
ly up to the task of supporting a national ID card 
but that 
missing 10% is a serious gap. After talking with a 
variety of experts in biometric, smart card and 
authentication technologies, I found many who 
doubt that we can truly safeguard the personal 
data these cards would contain. 
Hacking a smart card and spoofing a finger- 


Ln 


system? Turns out we're about 90% there, 


‘nk 


ected 
Onetric 


print image will certainly raise the bar 
for the bad guys, but everyone expects 
them to rise to the challenge. One 
speaker from RSA Security noted that 
a $5 rubber stamp was all his team 
needed to fake a fingerprint image. 

In the end, I walked away opposed 
to a national ID card program. Beyond 
the concerns about civil liberties or 
the huge, costly bureaucracy it would 
involve, the technology implementa- 
tion would be a never-ending night- 
mare of integration problems, security 
breaches. standards conflicts and con- 


stant patching of immature products. 
Perhaps in a few years we'll be able to authenti- 
cate someone’s identity through a smart card with 
| a unique access code and a biometric identifier. 
| But nobody produces such a triple-protected, tam- 
| per- proof product now. Until the technology can 
| protect us, this remains a dangerously bad idea. D 


Quick § 


For a pair of opposing viewpoints, from Eddie Schwartz 
of Guardent and Stephen Hunt of Datastrip, visit our 
Security Community 
www.computerworld.com/q?a1210 
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PIMM FOX 


‘Managing the 


Multiple-IT-Worry 
Syndrome 


IFE WAS SIMPLE when we worried 
only about obvious, external threats. 
Now we feel exposed inside our 


| borders, jumpy just opening snail mail. 


Call it a multitude of worries. 
This condition is all too familiar to IT person- 
nel who must deal with the Code Red computer 


| virus and its variants while also making sure data 


flows safely in and out of corporate networks. 
Unfortunately, the initial line of computer secu- 

rity defense — running 

HTTP packets over SSL — 


| guarantees the encryption 


of data from a Web brows- 
er to a Web server only. 
SSL and the decryption 
that takes place once a 
packet arrives at the Web 


| server do nothing to pro- 
| tect the information stored 


| inside a database. 


| cards on every server, uti- 
| lize some kind of crypto 


PIMM FOX is 
Computerworld’s West 
Coast bureau chief. | 
Contact him at pimm_fox@ 
_computerworld. com. 


You could put crypto 


| function in the database (Oracle9i has a little- 


used encryption capability) or write a Perl script 


| or C program encrypting all the data going into a 


database. But these approaches haven’t gained 


| widespread acceptance because they hurt perfor- 
| mance or are expensive and complicated. 


More disturbing is that many people charged 
with security still believe that data, once behind 
the firewall, is safe and secure. 

Never mind that sleeper computer viruses or 
worms (Code Red or Nimda) might have already 
lodged themselves on servers and could be trans- 
mitting your files over the Internet. Or, more like- 
ly, that some rogue employee inside your compa- 
ny is e-mailing the company’s entire database to a 
pal working for a competitor. 


The risk isn’t just that some nasty virus will 


| somehow get to the database — the risk is that 
the information is sitting there in clear view. One 


way to solve the problem of viruses slipping 
through is to evaluate Web requests at the net- 
work level by determining whether they have a 
valid HTTP or HTTPS address. Ingrian Networks 
has developed a box with software that matches 
distinct patterns of IP addresses, scanning along 


Quick For more Computerworld columnists and links to 
[Imnke archives of previous columns, head to 


www.computerworld.com/q?q1000 
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the way for Code Red and other viruses. 

The box also addresses the internal threat by 
encrypting data flowing into the Web server, be- 
fore it reaches the database. As a result, even if 
someone did manage to steal your entire data- 
base, he’d never be able to read it. The Ingrian 
product contains the private keys necessary to 
unlock the encrypting cipher. 

By placing security at the network level, you'll 
still be able to take advantage of any application 
that uses SSL, such as an LDAP directory or Out- 
look, but your databases would now be encrypt- 
ed. Network-level security may not eliminate 
multiple-worry syndrome, but it will make it 
more manageable. D 


DAVID FOOTE 
Seizing Success 


From the Jaws 
Of Tragedy 


“... it was the epoch of belief, it was the epoch of 
incredulity, it was the season of Light, it was the 
season of Darkness...” 
HARLES DICKENS was talking 
about the French Revolution in A 
Tale of Two Cities, but his words 
can easily be applied to life in America 
after the terrorist attacks. 

For those able to get beyond the more disturb- 
ing aspects of the tragedy, there have been incred- 
ibly positive accounts of people overcoming ad- 
versity and of companies showing strength. 

It’s been one big jumble of paradoxes these past 
several weeks. Many peo- 
ple have been questioning 
basic beliefs and assump- 
tions that had seemed rock 
solid. So it’s the right time 
to be thinking out of the 
box and being fearless in 
pushing some of your best 
IT-infused ideas and solu- 
tions for your company. 

Not convinced? Then 
consider the following: 
More and more these days, 
managing change requires 
a significant event or com- 
mon threat around which 
to rally the troops. The 
problem is that it’s no longer enough to just use 
competitors, market conditions, data insecurity or 
a fear of losing your job as the bogeyman. You 
need something more compelling, something posi- 
tive and even emotionally uplifting to which a lot 
of IT and business workers can relate. And it does- 
n’t necessarily have to be strictly business- or IT- 
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Canaan, Conn. 
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dfoote@footepartners.com. 





| related either, just motivational and sustainable. 


It’s time to act boldly. We’ve long needed some- 
thing more dramatic than a sour economy to jolt us 
out of corporate complacency, fear of change and 


| just plain poor leadership. That something arrived 


on Sept. ll. I can’t tell you what to do, but here are a 
few winning, immutable truths for managing busi- 
nesses and people that I’ve culled from observing 
those who reaily seem to get things done: 

w Character and ethics matter. How we handle our- 
selves and treat others counts more than ever in 


| everything we do. Ethical issues aren’t simply 


about right and wrong; they’re also about making 
tough choices in a brutal world. In making deci- 
sions, your superiors, customers and peers take 
character and ethics into account far more than 
you realize. 

@ Transition issues need more mind share. Being the 
smartest and hardest working is vastly overrated 
when it comes to survival, according to Charles 
Darwin, who observed that responding well to 
change is the real success factor. Business leaders 
are notorious for undermining change initiatives 


Does Publicizing Vulnerabilities Help Hackers? 
HE IDEA that the 
security commu- 
nity shouldn’t 

| make code vulnerabili- 

ties known to the users 

of Microsoft products is 

absurd to the point of id- 

iocy. As usual, Microsoft 

shows its true colors: 
more interested in pro- 
tecting its image and 

| limiting blame than pro- 

| viding defect-free code. 

Until Microsoft grows 

up to quality code, every 

effort should be made by 
security firms to keep 
user support organiza- 

| tions aware. In this way, 

the IT department may 

take steps to protect its 

| customer communities 

from Microsoft’s short- 

| comings in code quality. 

Bud Byrd 
Lewes, Del. 
budbyrd@attglobal.net 


VEN THOUGH Mi- 

crosoft has been 

slow to fix security 
holes and even slower to 
properly design security 
into its operating system 
architecture, it does have 
a valid point: You should 
never publish how to 
beat a security system 
[“Microsoft: Loose Lips 
Give Hackers Tips,” 
News, Oct. 22]. You can 
send that information to 
the development team, 
but don’t leave it in the 
open for some malicious 
person to exploit. You 
can publish the vulnera- 
bilities without showing 
how to create the worm. 
You can tell people how 
to protect themselves 
until a fix is applied. Just 
because Microsoft-bash- 
ing is in vogue doesn’t 
mean that all of us with 
Microsoft operating sys- 
tems should be put at 
greater risk by giving the 
malicious few a step-by- 
step manual for corrupt- 
ing our servers and PCs. 
Kirk Beadle 
TRW Automotive 
Livonia, Mich. 





HOSE WHO pub- 

lish vulnerability 

exploit code hide 
behind a thin veil of pub- 
lic interest and tread 
perilously close to seek- 
ing to garner attention. 
Giving credit in patch re- 


| veloping secure and veri- 


| coding and testing proce- 
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by failing to anticipate who will have to let go of 


| what, or to adequately prepare their workers for 
| the psychological and emotional adjustments 
| needed in new situations. 


| m Measure it; market it. If it can’t be measured and 

| tracked, how can you expect to sustain the pre- 

| cious support you’ve generated for a great idea? 
Not everything is easily quantified, so have some 
| exceptional sales and marketing talent on your IT 
team to help with the analytical nitpickers who 

| love to sabotage good work. 

w Practice enterprise project management. | intro- 
duced this in a previous column [News Opinion, 

| Sept. 3] as arguably the No. 1 core competency for 
managing Information Age business realities. 
Learn it, and use it (when it makes sense). It’s the 
enabler for repeating what works, reducing risk 

| and complexity and predicting outcomes. 

mw There’s never a clear answer. Learn to tolerate am- 
biguity, and you'll never feel too afraid to take a 
risk. Accept occasional failure as a natural event 
and never stop moving forward and trying new 

| things. D 





lease notices for assis- 
tance in reproducing or 
correcting problems pro- 
vides a healthy form of 
attention. Published ex- | 
ploit fragments should be | 
small enough to illustrate | 
the point to an experi- 
enced software profes- 
sional without providing 
a virus kit to aspiring 
hackers. 


Frank Baker 


security threats [“Vola- 
| tile States,” Business, 
Oct. 22]. 

From the IT point of 
view, Turkey is no differ- 
ent from any other Euro- 
pean country. From the 
security point of view, 
it’s not a less secure 

place than Yugoslavia, 
| Greece, Iran or Pakistan, 
which were not high- 
lighted on the map. 
Vice president | Turkey and the Turkish 
Monitoring Automation Systems | people have always sup- 
| Irvine, Calif. | ported the U.S. and 
democracy at very high 
cost to themselves. 
| Dr. Orhan Karaali 
| Clearwater, Fla 


| 
| 
| 
| 
| 
| 
| 
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HIS IS another case 
of refusing to take 
responsibility for 
one’s actions. If Micro- | 
soft spent more time de- | COMPUTERWORLD welcomes 
| comments from its readers 
Letters will be edited for brevity 
| and clarity. They should be ad- 
dressed to Jamie Eckle, letters 
| editor, Computerworld, PO Box 
| 9171, 500 Old Connecticut Path 
| Framingham, Mass. 01701 
| Fax: (508) 879-4843. Internet 
letters@computerworld.com 
Include an address and phone 
number for immediate verification 


fiable standards-based 


dures, then maybe far 
less of its software would 
come back to bite it. 
John Cowan dr. 

IT manager 

Caldwell Industries Inc 
Louisville, Ky. 


Qui For more letters 
& on these and 
WAS APPALLED to see Ime other topics. visit 
Turkey included on our Web site 





| 
| A Slur Against Turkey | 
| 


the map of global IT www.computerworld.com/q?q5000 
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Cisco Certified Partners. 


| Specific expertise for specific needs. 


Discover all that’s possible on the Internet. 


es 


YOUR CISCO CERTIFIED PARTNER—Y 


pene 





SPECIALIZED EXPERTISE — cisco.com go/certifiedpart ner | Ba 
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SERVICES AND SOLUTIONS 
CUSTOMER SATISFACTION 


In a world of increasingly complex network possibilities, no one can help 
you tailor a solution better than a Cisco Certified Partner. Each Gold, Silver 
or Premier Certified Partner is specifically trained to handle one or more of 


your highly specialized needs - from IP telephony to network management, to VPNs and security. Not just resellers 


of hardware, Cisco Certified Partners are qualified to provide quality design, deployment or professional services. 


So you can work with the best available advisor for each specific network need and maximize the return on 


your network investments. To learn more or to locate the partner right for you, visit cisco.com/go/certifiedpartner 


Cisco SYSTEMS 


EMPOWERING THE 
INTERNET GENERATION 


Cisco Systems, Inc 


and/or its affiliates in 


anal 
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BATTLING BANKRUPTCY 


Working in IT for a company that’s 
going through Chapter 11 can be 
fraught with anxiety and extra 
work to meet regulatory require- 
ments. But there are money-saving 
steps IT managers can take to help 
their organizations regain their 


HOW TO BECOME YOUR 
COMPANY'S FIRST C10 


Does your CIO-less company need 
one? Are you just the person for the 
job? CIOs such as Deere & Co.’s 
Kirk Siefkas (pictured) offer advice 
about how to persuade the CEO to 
create the job and offer it to you. 
PAGE 32 


CLONING THE CIO. 


CIO job-sharing is still rare, and it 
can offer distinct advantages and 
challenges. Ameritrade co-CIOs 
Mok Choe and Raymond Dury give 
their advice on how to make it 
work. PAGE 34 


DRAFTINGA 
COLLABORATIVE PLAN 


Architectural firms might not be 

as technologically savvy as broker- 
ages or retailers, but some forward- 
looking outfits are beginning to in- 
vest in collaborative technologies 
like VPNs to tie together far-flung 
associates and work together on 
projects more effectively. PAGE 39 
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PAUL A. STRASSMANN 


ransforming IT 


E’RE AT THE END OF CORPORATE COMPUTING as it has 
been practiced for the past 50 years. From now on, bil- 
lions of computers will only be network peripherals. 
Corporations will stop building and maintaining their 
unique hardware and software capabilities as fixed costs. 


Most information-processing capabilities will be 
passed on to computing utilities that will charge for 
services as a variable cost — much like telephone 
service. IT budgets will gradually move from being a 
vulnerable overhead expense and become a direct 
cost of operations, like labor and materials. 

IT vendors have figured out that this new environ- 
ment alters the economics of how to reap extraordi- 
nary profits. Selling software or shipping equipment 
doesn’t offer any more of the profit growth that, until 
last year, justified stratospheric market valuations. 
For instance, until last year, the five-year average 
profit growth for Microsoft, Oracle, Sun and IBM 
was 46.7%, 70.2%, 39.4% and 20.6%, respectively. To 
prosper, new sources of revenue will be necessary as 
corporate purchases for IT level off in the coming 
years. Consequently, Microsoft (with .Net and Hail- 
Storm), Sun (with Sun ONE), Hewlett-Packard/Com- 
paq (with e-Speak), Oracle (with Dynamic Services) 
and IBM (with WebSphere) have all announced that 
they expect their major future revenue growth to 
come from services. 

Dominant vendors will be in a position to make 
the case that shifting from locally grown corporate 
solutions to industrial-strength application services 
reduces the risks now inherent in corporate IT man- 
agement. The condition of corporate software assets 
has now reached a state of sufficient chaos that cor- 
porate executives are ready to welcome the takeover 
of IT by giant firms that will promise 
delivery of application services at pre- 
dictable prices. The evidence of the 
vendors’ intent can be found in their 
announcements. Their new services will 
displace the current practice of purchas- 
ing packaged software that subsequently 
requires spending huge amounts of money 
on integration, maintenance and upgrades. 
The vendors have promoted the new ser- 
vices as a cost-avoidance opportunity and 
have appealed to corporate management 
to purge their homegrown programs and 
replace them with standard applications. 
The vendors are also proposing to deliver 


| 





PAUL A. STRASSMANN wil! 
continue to write about 
risks to our information 
infrastructure in future 
columns. Contact him at 
paul@strassmann.com. 


the software as a guaranteed subscription service, 
making a vendor’s network an extension of every 
corporate network. Once you're hooked up, the ven- 
dors will deliver online enhancements for continu- 
ous technology refreshment. 

The vendors also plan to offer application- 
integration services that promise the interoperability 
of applications within a corporation, as well as 
among suppliers and customers — desirable objec- 
tives that few, if any, large corporate IT departments 
can deliver now. 

What will most likely happen to vendors’ software 
revenues? They'll account for at least 40% of IT bud- 
gets over the next 10 years, up more than threefold 
from the current 12%. In effect, the vendors’ tradi- 
tional role of supplying information armaments will 
transform into a role of being mercenaries partici- 
pating in information-based confrontations with 
those users’ competitors. 

Implications. This shift is proceeding at an unstop- 
pable pace. It will alter the existing roles of corpo- 
rate IT staffs, which will be asked to concentrate 
on making computer expenditures profitable. 

This development will lead to a decline in the size 
of corporate IT staffs and a substantial reduction in 
corporate capital devoted to IT. To keep their jobs, a 
large part of the remaining IT staffers will have to 
augment their skills in managing improvements in 


information-based competition. 

But vendors must address two issues 
before they can start displacing the people 
who have been their most loyal cus- 
tomers: Can the vendors deliver their 
goods with sufficient reliability? And can 
service vendors offer sufficiently secure 
networking environments? The question 
of security is the choking limitation on the 
pace at which the transformation to ser- 
vices may proceed. If the vendors can’t 
guarantee protection against a wide range 
of risks, you may want to wait before 
handing over the keys to a source you 
can’t trust. D 
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server decision that will finally update your data center. The problem is, it’s hard enough predicting 
what will happen next quarter, let alone next year. So how can you be 
confident that the infrastructure choices you make today are choices you 
can live with tomorrow? 

One option now has to include the new HP server rp8400— 
a rack-optimized breakthrough designed specifically to help you manage 
the enormous infrastructure demands generated by today’s constantly 
evolving business environment. 

It's small enough to fit two to a rack yet provides unprecedented 
power and flexibility in a mid-range server. In fact, we've made room for up 
to 16 processors, setting new standards in the category for both performance 
density and scalability. The kind of power you need to more easily manage 
and control workload allocation. 

Best-in-class dynamic partitioning essentially divides the server 


into sections, allowing each one to function independently. So even if one 


application goes down, the other sections of the server continue their jobs 


unaffected. Which makes it possible to move resources around without 
having to shut down your entire system, sidestepping costly downtime. 

And with the convenience of HP Utility Pricing, processing power 
and other services can be made available on tap, like electricity. So you 
can easily and securely scale online without having to invest in expensive 
hardware or support. 

HP infrastructure solutions—servers, software, storage, services and 
beyond—are engineered for the real world of business. Because the last time 
we checked, that’s where we all work. Call 1.800.HPASKME, ext. 246. Or visit 
hp.com/go/ infrastructure. 


Infrastructure: it starts with you. 





7 BUSINESS COMPUTERWORLD November 5, 2001 


a e 
KEN BRAME, CTO at Marketmax, Re 
helped craft the plan that eliminated Corgan Zing 
his position after Service Merchan- 


dise entered bankruptcy. Yourself 
Out ofa Job 


Bankruptcy is a wholly different experience 
at the CIO level than it is for IT workers in 
the trenches. 

Ken Brame, a former CIO at Service Mer- 
chandise Co. in Brentwood, Tenn., helped 
write the reorganization plan that eventually 
took away his job. 

Chapter ll protection meant the retailer 
was entering a period of IT maintenance 
without many new initiatives, Brame says. 
As a result, an IT leader with years of expe- 
rience in large, complex projects was no 
longer necessary. 

“We determined that there was a level of 
management they didn’t need. They didn’t 
need a Ken Brame,” he says. 

A “nice” severance package allowed him 
to plan to take six months off after leaving, 
he says. But a job offer to become chief tech- 
nology officer at Marketmax Inc., a retail 
software vendor in Wakefield Mass., cut his 
break to a few weeks. 

Meanwhile, the staff at Service Merchan- 
dise plummeted from 275 to about 150 
through attrition, unfilled vacancies and a 
few layoffs of 40 to 50 people at a time. 

“When you're part of the process, it’s dif- 
ferent than if it’s done to you,” Brame notes. 

— Kim S. Nash 


LAIR 


REBECCA CINC! 


Job cuts, canceled projects, unfamiliar work requests. Doing IT 
work during bankruptcy proceedings is unpleasant, but some 
teams have found ways to help their companies. By Kim S. Nash 


StavincA 
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S A COMPANY WADES through 
Chapter 1] bankruptcy protec- 
tion or gradually withers, IT 
professionals help keep the or- 
ganization on life support. 
They struggle when new 
projects die and spending mon- 
ey shrinks. They get depressed. 
Anxious. They wonder, How long will I be employed? 

Meanwhile, IT workloads can double at companies 
that file for Chapter 11 because of the extra financial 
reporting the courts demand. 

It isn’t all bad all the time. A smart IT group can 
lead efforts to save the company much-needed cash. 
Chapter ll laws, for example, allow companies to 
ditch unfavorable vendor contracts. 

Yet doing IT work during bankruptcy is mostly a 
somber march toward .. . uncertainty. 

“You're in limbo all the time,” says Dan Mushrush, 
recalling his time as director of new technology at 
Service Merchandise Co., a Brentwood, Tenn.-based 
retailer. 

Mushrush, who’s now an instructor at technology 
educator EpicEdge Inc. in Austin, Texas, quit Service 
Merchandise before it entered bankruptcy protection 
in March 1999, But things got bad even before the pa- 
pers were filed, he says. For example, the perfor- 
mance of Service Merchandise’s Web site suffered 
because the company wouldn’t buy new Unix servers 
when needed, Mushrush says. 

“You want to do things, but can’t afford to. They’re 
tight with money,” he says. “You’re making do.” 

Danny Schunk, vice president of IT at Service 
Merchandise, says that’s changed. The company’s still 
in Chapter ll but continues to enhance its Web site 
and proceed with other forward-looking projects. 

Schunk plans to rewrite e-commerce applications 
in Java this year, for example, and says Web sales are 
“significant” for Service Merchandise, though he de- 
clined to quantify that claim. 

“It’s a very uncertain economic environment, so 
we have to stay focused on the things that we can do 
to help make this company successful,” Schunk says, 
explaining the retailer’s current IT mandate. 

Many firms sink into bankruptcy protection be- 
cause of mismanagement or a falling market for their 
products or services. No one knows when or if the 
company will pull itself together. And that’s tough on 
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| IT people. The jagged emotions of the staff are a big 
reason why IT teams often don’t accomplish much in 
a financial crisis, says Judy Newdom, former CIO at 
Bradlees Inc., a defunct retailer. 

“People who were expecting new equipment aren’t 
going to get it. People expecting new training aren't 
going to get it. It becomes a very tension-filled envi- 
ronment,” says Newdom, who was CIO from 1993 to 
1995, the year Bradlees filed for Chapter 1] for the 
second time. “People go around thinking, I better 

| protect myself before I’m out on the street.” The 
| company shut down its 105 stores early this year. 

Newdom, who’s now a consultant at IBM in Tam- 
pa, Fla., says she quit Bradlees because the company 
stopped funding the client/server work that excited 
her. “It was depressing,” she says. 


Just a Phase 

In some cases, Chapter 11 doesn’t signal failure; 
rather, it’s a tool to protect a company from big debts. 

USG Corp., a 99-year-old building materials maker 
in Chicago, has had to put aside $1.2 billion for claims 
it may have to pay related to 250,000 asbestos liabili- 
ty lawsuits it faces. Yet USG’s Chapter Il filing in 
June automatically suspended the suits while the 
company waits for a bankruptcy judge to rule on its 
corporate reorganization. 

Chapter ll “is just a phase we’re going through,” 
says CIO Jean Holley. 

New IT projects, including installing Oracle finan- 
cial applications and planning a Microsoft .Net strat- 
egy, continue to roll on. 

“You don’t mothball your projects. You can’t. Your 
competition’s not sitting still. We have every inten- 
tion of being 100, 101 and 102” years old, Holley says. 

Whatever the cause, Chapter 11 companies typical- 
ly do nothing quickly. Proposals to spend money on 
projects outside the ordinary course of business are 
reviewed by internal and external lawyers, the bank- 
ruptcy judge and key people or companies the firm 
owes money, says Kyle Barry, a lawyer at Jenkens & 
Gilchrist PC in Chicago. 

If anyone objects, there are briefings, then hear- 
ings, then the judge decides, says Barry, who special- 
izes in IT litigation. “It can take some time,” he says. 

Crown Books Corp., for example, had to get court 
approval to offer bonuses to 46 key employees — in- 
cluding eight IT staffers — to get them to stay while 
the company wound down operations last spring. 
Several of Crown’s creditors objected, saying the re- 
tention plan wasn’t cost-effective. A Delaware bank- 
ruptcy judge ultimately approved Crown’s plan, but 
the process took two weeks. 

And at Maidenform Inc., it took almost a month to 
get court approval to outsource mainframe opera- 
tions and legacy application maintenance when the 
company was in Chapter 11 in 1998. 

Skittish vendors can also hamper IT progress, says 
Chuck Codling, CIO at Bayonne, N.J.-based Maiden- 
form. “The single greatest difficulty when you’re in 
Chapter I] is no one wants to sell you anything,” he 
says. A handful of PC hardware, PBX and telephone- 
switch suppliers, which Codling declined to name, 
refused to do business with Maidenform in 1998 and 
1999. They feared not getting paid. 

While other vendors were understanding, some 
forced Maidenform to pay upfront, he says. “They 








‘lips Krom 
Bankruptcy Experts 
The IT department can take some steps 


to save money quickly when a company 
is in Chapter Il bankruptcy protection. 


@ Rewrite or drop vendor contracts. Hardware leas 
es in particular can often be renegotiated favorably 


@ Be scrupulous about obtaining ROI on IT projects. 
Do nothing that doesn’t promise payback within 
three to six months. 


® Likewise, take on projects with quick imple 
mentation times. Chapter 11 is nc 
ERP gig 

@ Choose projects that can be funded with cash 
not those that rely on equipment depreciation or 
amortization 


) time to pitch an 


® Consider second-tier telecommunications 
providers. They aren arge as AT&T or Sprint, 
but they can often provide the same service levels 
at alower cost 


@ Conscientiously reuse equipment. Plan where to 
redeploy servers before buying r 

@ Though layoffs are unsavory, think about which IT 
positions can be cut. Personnel costs are typically 
the largest part of an IT budget 


waited for the checks to clear before you got your 


| stuff,” Codling says. “It slows things down, and it di- 


lutes your efforts. You'd rather be concentrating on 
the project and getting it done, but you can’t.” 
Still, IT operations can be something of a shining 


| spot for a company in otherwise dark days. 


The two outsourcing contracts Maidenform struck 
during its Chapter ll days saved the company at least 
$251,000 per year combined, according to court fil- 
ings. That doesn’t count savings it achieved by elimi- 
nating nine IT positions made obsolete by the deals. 

In July, Columbia, S.C., waste management company 


| Safety-Kleen Corp. was able to end leases with IBM 


on 6,11] pieces of hardware. Getting court approval 
took a month, and Safety-Kleen had to send the pro- 
posal to 329 interested parties. But according to court 


| papers, the company expects to save $4 million. 


Indeed, after the initial sense of Chapter ll despair 
ebbs, IT professionals should act fast to cut costs, 
says Joe Szmadzinski, a principal at turnaround firm 
Jay Alix & Associates in Southfield, Mich. 

If the IT staff pitches smart projects with quick 
payback, the group can actually gain in stature and 
respect, Szmadzinski says (see QuickLink below). 

“The most important thing any leader in IT can 
understand is that restructuring is a terrific opportu- 
nity,” he says. D 


ick 
Tnke 


Learn what to expect when an IT turnaround 
expert gets called in at a company that has filed 
for Chapter 11 bankruptcy protection: 
www.computerworld.com/q?24364 





BUSINESS 
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ATE LAST YEAR, John Dell’An- 

tonia sat down with his boss, 

the company’s chief operating 

officer, for an annual review. 

As vice president of MIS at 

OshKosh B’Gosh Inc., Dell’‘An- 
tonia had met all of his goals and eager- 
ly outlined more for the coming year. 
The IT department was doing well, the 
$453 million clothier thriving. 

What about making me CIO? asked 
Dell’Antonia, who had been at the Osh- 
Kosh, Wis.-based firm for a decade. 

Not happening. The 106-year-old 
company has just three C-level posi- 

-~ CEO, CFO and COO. It has 
never had a CIO and didn’t see the 
need to change Dell’Antonia’s title. 

Dell’Antonia says he wasn’t devastat- 
ed. “I would like it, but if they’re not 
comfortable with it, I’m not going to go 
out on some major huge campaign to 
change that,” he says. “What’s impor- 
tant is that I’m an officer of the compa- 
ny. I can commit the company and sign 
contracts. I have a lot of authority. 
That’s the key to getting my job done.” 

If you think your company needs a 
CIO and you want to convince your 
boss that you’re the person for the job, 
CIOs say you should emphasize that an 
internal candidate knows more about 
how the company works — what’s 


tions — 


politic, what’s not — than any outsider. 
Outline for the CEO how appointing 
an equal to represent IT at strategy 
meetings can move the company that 
much faster to where the CEO wants it 
to go. When they’re good, CIOs can 
manipulate hardware and software into | 
yielding real business results. 
Typically, an IT manager who isn’t a 
CIO isn’t let in on company plans until 
after they’re final. A CIO, however, is 
part of the team that creates strategy. 
He may even lead strategic thinking. 
John Boushy, CIO at Harrah’s Enter- 
tainment Inc. in Las Vegas, came up 
with the idea to keep a database of all 
of the casino’s customers to help Har- 
rah’s outmarket its rivals. Now no ma- 


jor casino can stay alive without that 
technology. An IT manager who is 
handed marching orders after the fact 
isn’t likely to make such a mark. 

“The people I see who are in top IT 
jobs but are not the CIO are still run- 
ning the back-room operations and 
building products at someone else’s re- 
quest,” says Bob Kramer, CIO at The 
Profit Recovery Group International 
Inc. in Atlanta. 

To move beyond that role, identify a 
business problem — talk to a line man- 
ager for ideas — and figure out how to 
fix it with hardware and software. 
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COMPANY'S 


| Then do it. And present the results to 


top managers, Kramer advises. 
“Be a real change agent inside the 


| organization,” Kramer says, “as op- 


posed to developing an application 
around someone else’s thoughts.” 

Preston Bradford agrees. Until a re- 
cent promotion, Bradford was the first 
CIO at Sapient Corp., a $503 million IT 
consulting firm in Cambridge, Mass. 
To get the attention of top managers, 
he says, you have to know what they’re 
looking for. For example, if you just in- 
stalled a virtual private network (VPN) 
and want to publicize the success, re- 
member that VPN doesn’t mean any- 
thing to business people. “But if you 
say, ‘We’ve taken $1 million out of our 
cost structure and enabled employees 
to work 25% more effectively, now 
you'll get their attention,” he says. 

You may also want to point out that 


| creating the position of CIO seems to 


be a smart financial move for a compa- 
ny. Firms that announced new CIOs 
found that the news triggered an aver- 


| age 1.2% increase in stock price, ac- 


cording to a study of 96 such compa- 
nies published in the March issue of 
MIS Quarterly. One percent isn’t a ma- 
jor jump. But the rise signals that 
stockholders “recognize the current 
and future importance of... effectual 


How to convince your CiO-less company that now is the 
time to create the position — just for you. By Kim S. Nash 
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IT leadership,” the study notes. 

By far, most new-ClI0O slots are filled 
with people from outside the company 
Just 35 of the 96 companies in the 
study filled the position internally. 

Internal candidates are often ruled 
out because top executives, in taking 
the big step of creating a position that 
is new and different, believe they need 
someone new and different, says Marc 
Rubinger, CIO at Genesis Health Ven- 
tures Inc. in Kennett Square, Pa. 

Rubinger advises brutal self-assess- 
ment. “Maybe you're not a CIO person 
to begin with,” he says. “Maybe you 
need to look in the mirror and say to 
yourself, ‘Just as I’m not qualified to be 
president of the United States, I’m not 
qualified to be CIO.’ Everyone has to 
face that as they grow up.” 

Some would say that after an IT 
manager is at a company for five or 
seven years, the facts are plain: The 
company doesn’t want a CIO or does- 
n’t believe its current IT manager is 
CIO material. 

But Cathie Kozik defied that think- 
ing. In September 2000, she was pro- 
moted to the new CIO slot at Tellabs 
Inc. after eight years at the company, a 
$3.4 billion communications equip- 
ment provider in Lisle, III. 

The path to promotion was round- 
about, Kozik says. First, Tellabs created 
the title of vice president of global in- 
formation services, which she got right 
away. But then company executives de- 
cided that IT deserved even more se- 
nior-level attention and status and got 
approval from the board of directors to 
create the CIO slot. 

Yet Kozik didn’t apply for the job. 
She wondered whether she was ready. 

“I can understand that there’s a con- 
cern: Can the incumbent make that 
transition from being a tactical person 
as head of IT, to seeing the bigger pic- 
ture as CIO? Personally, that was one 
of my concerns,” Kozik explains. “Was 
I the right person? Could I make that 
transition fast enough to benefit the 
company?” 

After nine months of helping inter- 
view external candidates, Kozik decid- 
ed to go for the job herself and was ac- 
cepted immediately. Her insider expe- 
rience at Tellabs ultimately helped her. 
“Nine months of candidates from the 
outside could understand the technol- 
ogy but didn’t understand who we 
were and how we work,” she says. 

The lesson: Play up internal know- 
how. Unlike someone who hasn’t 
worked at the company, she says, “you 
don’t have to go in and learn the cul- 
ture and how things work together to 
make a system at the company.” D 


aspirations needs to have someone who 
is a steward of information and how it is 
used throughout the company,” Siefkas 
says. 


can be anyone in IT management, it's 
usually a CIO who has the vision. 


named CIO after spending just six 
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CIO in Six Months 


Not every company has a CIO, but many 
have top IT managers pining for the posi- 
tion. The title is a recognition they feel 
they're due or a higher station to which 
they aspire. Getting the company to 
come around is sometimes a delicate 
task. But it’s important, says Kirk 
Siefkas, who in June became the first 
ClO at Deere & Co. 


“Every company that has plans and 


Though Siefkas says such a steward 


Siefkas is an unusual case. he was 





months at Deere, a $13 billion, 133-year- 
old farm equipment maker in Moline, lll. 
He went to work at Deere in January as 
vice president of e-business, having 
joined the company from DiamondClus- 
ter International Inc., a Web consulting 
firm in Chicago. The two companies had 
been working together on e-commerce 
projects. 

Even before Siefkas started working 
at Deere, company CEO Bob Lane cited 
him in an industry speech. 

That exemplifies what several first- 
ever ClOs say is their most important 
piece of advice: Impress senior man- 
agers. Stop using technology acronyms, 
and start talking about how IT can help 
reach business goals. 

- Kim S. Nash 


JUST THE 
PERSON FOR 
THE JOB 


Steps to take to create 
your own CIO role 


Act like a chief. 


Learn the business prob 
lems of your company 
20 biggest customers, says 
Cathie Kozik, the CIO at 
allabs. Then seed conversa 

tions with tor 
two things: that information 


5 
and suggestions about what IT 


top executives, according 
r, the ClO at 


€ 
ry 


Recognize 
when to strike. 


Your company may not 
be ready for a ClO, even if 
you are. If you're the IT 
manager and you would 
have to lobby for the cre- 
ation of the CIO position 
“don't do it,” says Marc 
Rubinger, ClO at Genesis 
Health Ventures. “The most 
senior IT person is going to 
be viewed as having selfish 
motives. It has to come 
from the board or CEO.” 

- Kim S. Nash 
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After Capitol One Financial Corp. in 
Falls Church, Va., recently decided to 
scrap its experiment with co-CIOs, 
Computerworld’s Mark Hall thought it 
would be worthwhile to check on how a 
similar management structure is work- 
ing at Omaha-based online brokerage 
Ameritrade Holding Corp. Here’s the 
exchange between Hall and co-CIOs 
Mok Choe and Raymond Dury. 


What prompted Ameritrade to create the 
dual CIO role? 
DURY: Over the past several years, 
Ameritrade acquired six different 


technology divisions through either 
acquisitions or special independent 
initiatives. Those separate divisions 
are now all under Ameritrade Tech- 


nology Group (ATG), reducing ex- 
penses and leveraging synergies. 
This was evident when develop- 
ing and releasing the Ameritrade 
Advantage product suite featuring 
the Advanced Analyzer and Super 


StreamMachine, to name a few. The 
Advanced Analyzer technology was 


derived from our BigEasy technol- 
ogy, while Super StreamMachine 


advancements were from our recent 


TradeCast acquisition. 

CHOE: To continue enhancing the 
focus on the client experience, and 
offer a highly efficient and scalable 
system, and integrate the acquired 


new technologies requires a specif- 


ic set of skills. 

Raymond's background is more 
in financial services technology. In 
fact, Raymond was instrumental in 


the development of OnMoney’s por 


tal technology, including account 
aggregation, while my IT back- 


ground is more focused on creating 


and implementing brokerage appli- 
cations; I helped in the develop- 
ment and optimization of Ameri- 
trade’s high-performance technol- 
ogy trading platform. 

DURY: Having two experienced co- 


CIOs will allow us to meet the tech- 


nology expectations of our clients 
quicker and with more efficiency 
fer our shareholders. [Ameritrade 
CEO] Joe Moglia recognizes this 


and our specialized IT backgrounds 
and therefore created the dual lead- 


ership position. 


How is it structured? That is, who has what 
primary responsibilities? Was it divided 


by technical expertise? Management ex- 


perience? Both? Has anything changed 


since you began working together in this 


role, and if so, why? 
DURY: We have equal responsibility 
for all of ATG. Our relationship is 





“WE HAVE LEARNED that keeping each 
¢ othér informed is most important. If it 
does anything, it builds trust,” says 


PVisiicemeem MOM eM m emer Om 


pictured with co-ClO Mok Choe. 


Clo 


‘The CIO 


WHO ARE THEY? 


Mok Choe and 
Raymond Dury have 
served as co-CIOs 

at online brokerage 
Ameritrade since a 
major management 
restructuring at the 
company in June. 


based on trust, the only way a part- 
nership like this will work. We tend 
to manage those items where our 
skill sets and experience will bene- 
fit Ameritrade the most. 


| To whom do you report? Has that relation- | 


ship changed over time? 

DURY: We both report to Joe Moglia. 
... Our relationship with Joe has not 
changed. 

CHOE: It’s great having another CIO 
to bounce ideas off of who may have 
a different perspective. With a com- 
pany that’s so technology-dominant 
like Ameritrade, we talk and think 
through all major technology deci- 





| 
| 
| 


| 
| 
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sions together. This ensures that 
Ameritrade makes the right tech- 
nology decision from the start. 


What are the benefits of the shared role? 


DURY: We draw on our combined 
experiences, knowledge and skills 
quickly to address technology 
issues and capitalize on insights 
from the business. We can focus 
on a project and still be confident 
that the day-to-day [activity] is 
working well. 


What are the challenges? 


CHOE: We are fortunate not to have 
many personal challenges, so we 
are focusing on the business/tech- 
nology challenges. They will keep 
us busy. 

DURY: We’ve truly created a team 
environment in ATG. Based on our 
individual backgrounds, we both 
address a situation with different 
ideas that seem to become incorpo- 
rated into its solution. 


How often do you two meet to discuss 


issues? 

DURY: As Mok said, we value getting 
each other’s perspective. We talk on 
the phone at least once a day. We 
usually get together once a week to 
discuss longer-term issues. 


Given that you both have had the shared 


role for a while, what are the key 
lessons that you have learned? Are 
there any anecdotes that either of you 
can share that underscore those 
lessons? 

DURY: We have learned that keeping 
each other informed is most impor- 
tant. If it does anything, it builds 
trust. 

CHOE: I agree. You should always be 
able to: 1. trust each other; 2. keep 
each other informed — communi- 
cate often and thoroughly; 3. play to 
each other’s strengths; 4. do not let 
anyone come between you. 


From a personal career perspective, why 


would the two of you want to share a 
job? 

CHOE: We felt that there was a tre- 
mendous opportunity to build on 
our past success by combining all 
the acquired technologies under 
one department with continued 
focus on the client experience. 
DURY: Indeed, this will hopefully 
lead to greater success, since it will 
create synergies and offer the client 
the best online brokerage experi- 
ence. Completing this goal will be 
a positive for anyone’s career. D 
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Services. \ \ 


Then you found out 
they owned the road. 


Then it turned out 
p--to be a dead end. 
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Sun’ ONE. The software platform that'll 
take your IT infrastructure on a pretty sweet ride. 


A lot of companies are out there trying to sell you an “integrated Web Services 
platform.” But what they’re really trying to do is lock you into theirs. Of course, 
integrating your information assets will allow you to offer more services, get bigger 
savings and earn greater profits. You'll also get better customer service, tighter 
supply chains and achieve increased productivity. But how do you do it without 
ripping out and replacing everything? And how do you make it future-proof? 
Sun” ONE is the answer. 


Visit www.sun.com/sunoneinfo to register to receive the Sun ONE starter kit and join the online Sun ONE community. 





IT’S THE FUEL-INJECTED JAVA™ 
AND XML SOFTWARE PLATFORM. 


OPEN STANDARDS MEAN 
YOU'RE IN THE DRIVER'S SEAT. 








Sun ONE is a software platform of rock- 
solid products that lets you integrate 
whatever services you demand. And 
you can leverage the power of your 
legacy systems to launch services today 
without locking you into a dead-end 
solution tomorrow. Sun ONE includes 
the iPlanet™ product portfolio, with the 
most popular LDAP directory server on 
the market, and Forte” for Java™ tools, 
the quickest way to write Java apps 
anywhere. And it’s all built with Java 
and XML technologies, supports SOAP, 


WSDL and UDDI, and runs on Solaris," 


the #1 UNIX® operating environment. 





Unlike some people out there, we don’t 
claim to know everything that’s down 
the road ahead. We build our products 
to be open and integratable, meaning 
they can work with any of the leading 
software products available today 
The Sun ONE platform is optimally 
engineered to work together, and with 
whatever other standards-based prod- 


ucts you have in the platform 





Sun|ONE 


Open Net Environment 


WE'RE A FULL-SERVICE STATION. 
SO COME ON BY. 


Our platform is designed to be easily 
implemented by Sun's extensive team of 
Enterprise Service Professionals, as well 
as by your favorite iForce™ ISV, systems 
integrator or reseller, and deployed reliably 
and securely as a SunTone™ Certified 
solution. We know how to integrate 
network architecture better than anyone 
Now, with Sun ONE, we're launching 
you into a whole new realm of services, 


savings and greater profits 


take it to the n” SS 
& SUN 


microsystems 





What makes Sun ONE go? 


Sun ONE is a combination of vision, architecture, product portfolio and expertise for the creation 
and deployment of services on demand. Here's what's under the hood: 


ee Sea a ee 


{Planet 


iPlanet™ Web/Application Servers iPlanet Integration Server iPlanet Portal Server iPlanet Directory Server 


SUNTONE for third 


Infrastructure 


Services 
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Mz As the industry's 
=< ~~ #1 rated UNIX 
Seay eee 


Sun Professional ronment, Solaris 


Services” qi, 


is the foundation of Sun ONE. It 


delivers new levels of performance 
scalability, availability, manageability 
and security. Through Sun Management 


Center, Solaris Resource Manager 
and Solaris Bandwidth Manager 


software, system resources can be 


easily and effectively managed 
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Building 


Collab 


Though architects 

have historically shied 
away from business 
automation, some 
forward-looking firms 
have begun to tap IT 

to help them collaborate 
across geographies 

and compete more 


effectively for contracts. | 


By Ted Smalley Bowen 


HE IMAGE OF the architect 
as a lone creative genius, 
a la Frank Lloyd Wright, is 
a bit misleading. In reality, 
architecture is an elabo- 
rate exercise in communi- 
cation. Designers often 
work in teams that are geographically 
dispersed. They’re in constant contact 
with clients, and they must coordinate 
their efforts with myriad specialists 
engineers, contractors, government 
agencies and other parties. 

A mind-numbing volume of draw- 
ings, plans, forms, budgets, permits 
and other documents courses through 
the vast and shifting network of par- 
ticipants in a project. The logistics of 
tracking, updating and approving the 
many pieces of information tied to the 
creation of a building is every bit as 


oration 


daunting as the actual construction. 

Players in the industry range from 
single-architect studios to multination- 
al operations, but the sector as a whole 
has been comparatively late to adopt 
IT. This is partly attributable to the 
nature of the work. 

“As an extremely personalized ser- 
vice conducted by rather small compa- 
nies, the practice of architecture is dif- 
ferent in many ways from manufactur- 
ing, banking, insurance and other lead- 
ing-edge IT adopters,” says Mark Clay- 
ton, assistant professor of architecture 
at Texas AXM University in College 
Station and associate director of the 
school’s CRS Center for design and 
construction. “The tools have not been 
very appropriate for architecture.” 

Given the industry’s slim margins 
and susceptibility to economic swings, 
it’s not surprising that many practices 
have been reluctant to jump on the 
business automation bandwagon. Yet 
some firms have capitalized on IT to 
expand their reach and buffer them- 
selves from the vagaries of the market. 

“The [IT] costs have been very, very 
high when viewed as part of overhead 
and capital investment, [so firms] his- 
torically have spent virtually zero dol- 
lars” on IT, says Clayton. “Realize that 
in the 1970s, the office technology of 
an architecture firm was merely a few 
T squares and filing cabinets.” 


Best-Laid Plans 


The IT picture for this sector has 
changed, albeit slowly. According to a 
1998 survey conducted by the Univer- 
sity of Cincinnati, architectural firms 
with 10 to 14 employees spent an aver- 
age of just more than $64,000 per year 
on IT, whereas companies with 100 
people or more invested an average of 
$300,000. Average per-person spend- 
ing among all firms was $4,500. 

Still, some firms that have imple- 
mented virtual private networks 
(VPN), Web-based project portals and 
sophisticated project-management ap- 
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plications are starting to realize the 
benefits. That’s because these tools 
can help larger companies coordinate 
their far-flung internal operations and 
collaborate with clients and partners 
Such tools can also help smaller archi 
tectural firms compete for big jobs or 
major subcontracting roles by simpli 
fying the logistics of collaboration and 
letting the companies emphasize their 
specialized services 

The heavy communications load of a 
typical project is illustrated by the shop 
drawing review process. As architects 
enter the construction phase, they cir 
culate drawings to the various contrac 
tors and subcontractors involved, who 
make revisions and add their own de 
tails. The architects must check and 
approve each of these changes. 

“It’s a long, involved process, anc 
it doesn’t get done in time, it delays the 
whole project,” says Jill Rothenberg, 
chief technology officer and principal 
at ADD Inc., a 200-employee architec- 
tural firm in Cambridge, Mass. 

Usually, each business has its own 
applications and methods for logging 
changes and updates throughout a 
project, which bogs things down and 
leads to repetitive efforts. The central- 
ized log of a Web-based project-man- 
agement system can alleviate some of 
this hassle. Unfortunately, Web-based 
repositories can be limited and rigid 
and often represent a least-common 
denominator, Rothenberg says. 

Maintaining a project Web site for a 
recent job allowed ADD to coordinate 
with clients in Boston and the Mid- 
west, a lawyer in Chicago, and consul- 
tants in multiple locations. It also 
helped cut travel and postage costs and 
shortened the length of the project, 
says Rothenberg, though she was un- 
able to provide cost savings estimates 

The need for architects and other 
key players to frequently communicate 
during projects has led some firms to 
implement VPNs. For example, Kohn 
Pederson Fox Associates PC (KPF), a 
450-person firm in New York, is setting 
up a VPN to link its London and Tokyo 
offices and other temporary field 
offices, says James Brogan, director 
of IT at KPF. In addition, the VPN will 
enable the firm to host online project- 
management applications in-house, a 
departure from the typical reliance on 
third parties to run such systems. D 


Bowen is a freelance writer in Boston. 
Contact him at ted_bowen@hotmail.com 
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Learnin 
‘lo Let 


Delegating is one of the hardest things for a project 


manager to master, says consultant Stan Portny, author 


of Project Management for Dummies, published by 
Hungry Minds Inc., which was bought by John Wiley 
this fall. Portny recently spoke with Computerworld’s 
Kathleen Melymuka about how new project managers 
can learn to delegate and avoid micromanaging. 


Why do so many IT project managers find delegating 
so difficult? Many people who are project man- 
agers never really studied how [to delegate]. 
They got there because they were good ina 
technical field. They may be uncomfortable be- 
cause there’s a change in role from a technical 
specialist to a project manager. No longer are 
you personally asked to perform all technical 
tasks; you're asked to guide others. 

How does an IT project manager get over a psychologi- 
cal resistance to delegating? Understand what 
the expectations of the new job are. Many new 
project managers don’t have a strong apprecia- 
tion of how those expectations have changed. 
Get together with your boss and get a better 
sense of what’s expected. 

One of the reasons project managers don’t 
delegate is they like to do the technical work. 
Figure out ways you can stay involved and un- 
derstand what’s going on without having to be 
doing the work. Probably the biggest thing to 
overcome is the knowledge that you can delegate 
authority but you can’t delegate responsibility. 
You're still the one who has to ensure results. 

“But no one does it as well as | do.” In many instances, 
you might be right. But the reality is, no matter 
how good you are, you can’t do everything. 


Do’s and Don'ts 
Of Delegating 


WHO IS HE? 





Project management consultant 
Stan Portny has worked with 
more than 100 public and private 
organizations in the fields of 
finance, consumer products, 
insurance, telecommunications, 
pharmaceuticals, IT, defense and 
health care. He is president of 
Stanley E. Portny and Associates 
LLC in Short Hills, NJ. 
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Choose the right person; not every 
person can handle every task. 


Explain why the task is important; 
that will get his commitment. 
Encourage him to estimate the time 
and resources needed to complete 
the task before he commits. 


Let him know it’s OK to say no. If he 
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There’s something in economics called the Law 

of Comparative Advantage: Spend your time 

where you'll get the greatest benefit from your 

effort. You need to recognize that even if a per- 

son is not as good as you are at a task, it may be 
| worth it to delegate so it frees you up to do an- 
other task you’re uniquely qualified to do and 
one that will generate more benefits. 

How do you get your team to give you what you want 

without micromanaging? The manager needs to 
design a process to give him or her a level of 
comfort without living in people’s shoes. If 
you're not comfortable letting people go a cou- 
ple weeks with no contact, work out upfront a 
series of points where you'll check in. 

It helps to recognize that not all tasks are 
appropriate to delegate. Tasks that have better- 
defined procedures tend to be more amenable 
to delegation because they’ve been done before 
and there is a certain amount of confidence that 
things will go the way you'd like. A task that has 
poorly defined outcomes may not be appropri- 
ate to delegate. If you can’t tell them clearly 
what you're expecting them to do, how can they 
do it? If there’s a task you have to handle your- 
self, keep it. 

You say delegating isn’t an all-or-nothing exercise. 
Please explain. There are different levels of dele- 
gation, depending on the task, the person and 
your relationship with the person. The first lev- 
el is “Get in the know.” Get some facts and bring 
them to me so I can take the next steps. The 
second level is “Show me the way to go.” Get 
the facts and develop alternative actions based 
on the facts. Third, “Go when I say so.” Do 
everything above, and be prepared to imple- 
ment the option I pick. Fourth, “Go unless I say 
no.” Propose what to do and, if I don’t stop you, 
do it. Fifth, “How did it go?” Here’s a task, do 
the analysis, take action and let me know what 
happened when you're done. Final level: “Just 
go.” I don’t need to hear about it again unless 
there’s a problem. 

This could get complicated. The key is not just to un- 
derstand the possible levels of delegation but to 
clearly agree upfront with the person who gets 
the assignment exactly what the level is. One of 
my strongest suggestions is to put it in writing. 
The biggest problems with delegation are often 

communication problems. Putting it in writing 

| gives a sense of clarity, a reference and a reminder. 

| And did you ever notice how people’s attitudes 

change when you put something in writing? D 





can’t do it, it’s better to know sooner 
rather than later. 





8 Encourage him to come back with 
questions. 





Oo Set up a time frame to monitor 
progress without micromanaging. 





© Recognize performance during 
and after the task. 








E-Business 


Best Practices, 
Knowledge Exchange, 
Mentorship 








An Exclusive 
Membership 
Opportunity : 


These are just a few of the 
important services offered 
by the E-Business Communication 


Association (EBCA), an organization developed 
Professional 
Development 
Opportunities 






to serve the needs of pioneering E-Business 






Communication Strategists— professionals that 





know how to make the best use of technology to 
meet e-commerce and business communication 
objectives. Learn how to put e-business strategies 
into practice. The EBCA is the world’s most comprehen- 
sive organization of professionals who face the same challenge 


as you— making e-business work. 


For more information about 
the EBCA, visit us today at: 


www.ebusinessca.com 


(2-BCA 


E-BUSINESS COMMUNICATION ASSOCIATION 








With the pace of e-business today, swift decision 
making has never been more important. Or more 
challenging. Yet most ROM cn eraoine tts 
remains too narrowly focused on one discipline 
or another to provide a broad view of your total 
organization. But with e-Intelligence from SAS, 
you can track information from anywhere across 
your enterprise, providing the framework for real 
performance management, Enabling you to align 
your company around common goals. Measure 
progress daily, even hourly. Deliver information 
into the right hands, at the right time. And make 
decisions while they still can make a difference. 
For more details about how e-Intelligence from 
SAS can improve your company’s oo uelusnrevetcon 


call 1-800-727-0025 or stop by www.sas.com. 


The Power to Know. Yo het 








WORKSTYLES 


Doing Double 
Duty at MSNBC 


Since the Sept. ll terrorist attacks on 


ities for IT workers and site traffic at 
MSNBC have doubled. 


Number of IT employees: “About 27, 
divided into four groups: internal IT 
to handle desktop and infrastructure 
issues, the Web operations team to 
manage the server farm and the tech- 
nology that supports our outward- 
facing servers, the video team that 
does the video encoding and man- 
ages our satellite systems, and the 
news production team that sits with 
our editorial staff and helps publish 
our content.” 


Site users: “Before Sept. ll, we aver- 
aged a little over 3 million unique 
users per day. On Sept. 1] and the 
week after, we had five to six times 
normal traffic. Currently, we’re run- 
ning about two times the norm.” 


What kind of pressure has there been on 
IT since Sept. 11? “There’s been a sig- 
nificant increase. Breaking news is 
coming all the time, and we’re con- 
stantly publishing and making sure 
the site is available with the in- 
creased load. We’ve had to monitor 
all of our machines much more 
closely to ensure they’re running 
smoothly. We’ve had to pull extra 
shifts to make sure the necessary 
support is available across all four 
groups. And we've had to rely more 
on our outside caching vendor, 
Akamai, which takes our images and 
hosts them on their network because 
the load is so great.” 


What has been the biggest IT challenge? 
“Just the onslaught of users wanting 
the information — especially on the 
llth and the day following. You can’t 
build your system out with 50 times 
normal capacity. You try to balance 
what your normal usage is and give 
yourselves headroom, but you can’t 
give yourself enough headroom for 
the kind of day we had on the lth. 
That afternoon, we started to rely 
more heavily on Akamai to serve our 
images, and putting some of the load 


: on them helped. We maintained our 
the U.S., the workload and responsibil- 
few sites that did that day. And we 

: broke all our records on video. We 

: had over 150,000 simultaneous video 
: streams at one point.” 


video streams — we were one of the 


: Mission-critical systems: “Our Web 

: servers, or else we’re not serving 

; content. E-mail is our lifeblood inter- 
nally, and database systems and news 
: feeds are also critical.” 


: Major projects: “A lot of our special 

: projects have been on hold since 

: Sept. ll because we need the skills 

: and head count to manage our day- 

? to-day systems. But we are hosting 

i the site for the 2002 Winter Olym- 

: pics, and there’s no slip date for that. 
: It starts on Feb. 8, so we have to... 

: make sure we are building out our 
systems to handle that load.” 


C 3 


: keep a dual career path open to my 
: people for going into management or 


staying on a technical path.” 


: Bonus programs: “All MSNBC.com 
: employees are on a bonus plan based 
: on meeting our business and revenue 


goals. There also can be spot bonus- 


: es or a bonus as part of the employee 
: review process.” 


: Workday: “Ordinarily, it would be 
: from 8:30 or 9 [a.m.] to 6:30 or 7 
: [p.m.]. Now, we get in by 8 or 8:30, 
: and I haven't left much before 8, 


sometimes 9.” 


: Must people carry beepers? Cell 

: phones? “I carry a cell phone, and 

? everyone on my team carries one or 

: the other. After-hours calls have dou- 
: bled since Sept. 11.” 


: Security badge/card needed to get into 
: the building or office? “Yes, and we’ve 
: had some increased precautions in 

: place since Sept. 11.” 


: Kind of offices: “We have our own of- 
: fices, but not our own building, on 
the Microsoft campus. The news- 

? room area looks like any newsroom 


MSNBC 


Interviewee: Dave Mahlum, manager of 
site engineering 


“Internally, we support 160 to 180 users. We 
also partner with Newsweek and other orga- 
nizations and provide some support to them.” 


: IT training: “I am adamant that my 
people stay very current. We use in- 

: house training, outside training and 

: vendor training for the products 

: we're using. We are very current on 

? new Microsoft technologies, and 

: we're able to work with them in early 
i beta stages and evaluate what bene- 

: fits they’ll bring us.” 


: Employee reviews: “We've traditional- 
ly done it twice a year, but we’re 

: changing to once a year. We also have in- 
: formal reviews where we go over 

i project status, success and failures.” 


 {T career paths: “In my group, I try to 


: — very open. And outside the core 
? newsroom, we have two floors for IT, 
: developers and management.” 


: The last word: “Working in IT in a 

? news organization is very fast-paced, 
: very dynamic. Working on a standard 
: e-commerce site, you pretty much 
know day-to-day how many people 

: will come to your site. It doesn’t fluc- 
: tuate a lot. In the news business, you 
: have no idea when you wake up 

: what’s coming down the pike that 

: day or what your limits are. The big- 
ger the story, the more people come.” 


- Leslie Jaye Goff 
Igoff@ix.netcom.com 
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Dear Career Adviser: 


I have a bachelor’s degree in computer science and began 
my application development career three years ago with 
C++ and Microsoft Foundation Classes. I switched com- 
panies two years ago and began working on e-business 
applications using Java and Web technologies. However, 
I was laid off several months ago. 


My skills are split equally 
between C++ and Java, and nei- 
ther seems deep enough for this 
market. Should I get a master’s 
degree in Java 2 Enterprise 
Edition (J2EE) computing, or 
should I keep on hunting for a 
C++ position? 

TOUGHING IT OUT 


Dear Tough: 

Three years of Java and C++ 
aren’t enough for today’s very 
competitive job market, notes 


Michael Lanehart, president of | 





Intelligence Connection in 
San Francisco. Overall, you'll 


| need to show that you’re 


working on multitier scalable 
applications, which typically 
involve J2EE, and that you 
have a true software engineer- 
ing ability to solve problems 
no matter what language is 


| used, he says. 


Whether you decide to sit 
out this very difficult job mar- 


| ket by getting an advanced de- 


gree or to keep on searching 
for a job, you'll still need 
in-depth knowledge in spe- 


CRU Ne 


ROBERT M. 
ABARBANEL, 
formerly a 
manager and 
principle scien- 
tist in mathe- 
matics and 
ABARBANEL = muting 
technology at 
The Boeing Co., has been named 
ClO at Genset SA, a biotechnology 
company in Paris. Abarbanel will 
report to CEO Andre Pernet. He will 
be responsible for IT operations, 
networking and biocomputing. 


Inc. has named RICHARD WHITE 
as CIO. White, 43, will report to 
Jim Peters, president and chief 
operating officer of the off-price 
retailer. Prior to this appointment, 
White served as president of Mat- 
thews, White & Co., an Alamo, 
Calif.-based management and 
strategy consultancy. Ross Stores 
operates 431 stores in 21 states 





and generated $2.7 billion in sales 
in fiscal 2000. 

FEI Co. has appointed DAVID 
O'BRIEN as its new CIO. O’Brien 
will provide global support for IT 
infrastructure systems and report to 
Jack Hodgson, the company’s chief 
financial officer. O’Brien was most 
recently CIO at Fremont, Calif.- 
based Credence Systems Corp. 

He held various senior management 


| positions in IT, marketing and engi- 
| neering at the test equipment man- 


ufacturer for the semiconductor in- 
dustry. FEI, in Hillsboro, Ore., is a 


| capital equipment manufacturer. 


JOHN JOBACK, 
54, has joined 
Frederick, Md.- 
based Farmers 
& Mechanics 
Bank as CIO. 
He will report 
to Faye Cannon, 
president and 


| cialized markets in order to 
find work, Lanehart says. In 
other words, if you return to 
school, you might focus on 
J2EE and security, becoming 
an expert in all the security 
protocols that relate to J2EE. 
Alternatively, Lanehart says, 
should you continue to look 
for a job, you'll need to show 
specialized knowledge in a 
particular application requir- 
ing Java, plus expertise in a 
specific area such as biotech- 
nology, data mining, artificial 
| intelligence or e-mail. 


CEO of F&M Bancorp, the bank’s 
parent company. Prior to this role, 
Joback served as CIO and chief 
operating officer of Net Express 
Bank NA, an online bank in Silver 
Spring, Md. 


STEVEN C. RU- 
BINOW has 
been appointed 
chief technology 
officer at Archi- 
pelago LLC in 
Chicago. Rubi- 
| RUBINOW now will lead 

IT operations 
and client connectivity and develop- 
ment groups, and oversee construc- 
tion of a state-of-the-art data cen- 
ter. He will report to Gerald D. Put- 
| nam, the company’s CEO. Most 
recently, Rubinow was CIO at San 
Francisco-based NextCard Inc., an 
online provider of consumer credit. 


Proflowers Inc., a floral company in 
San Diego, has appointed KEVIN 
HALL as CIO. Hall will report to CEO 
Bill Strauss. In his new role, Hall 
will be responsible for the develop- 
ment and implementation of IT ini- 
tiatives that improve process opera- 





| Tough should 

| count his bless- 
ings,” says Lane- 
| hart. In this mar- 





Today’s Java 
candidates also 


| need experience 
| with a Java appli- 
| cation server such 


as BEA Systems 
Inc.’s WebLogic 
or SilverStream 
Software Inc.’s 


eXtend Applica- 
| tion Server. 


“All in all, 


ket, some people 


| have been laid off three or 


four times. 


Dear Career Adviser: 


You recently provided clues 


for finding IT jobs in govern- 
| ment. Any tips about finding IT 
| jobs in education? 


— ACADEMIC IT 


| Dear Academic: 


Check out the Chronicle for 
Higher Education and Higher- 


| EdJobs.com, which is a site 


tions and Web site usability. Previ- 
ously, Hall was chief technology and 
information officer at Amherst Cor- 
porate Computer Sales & Solutions 
Corp. in Merrimack, N.H. 


InsureZone Inc., a national online 
insurance agency in Fort Worth, 
Texas, has announced the appoint- 
ment of PAUL HARRISON to the 
new position of CIO. He will report 
to President and CEO J. Russell 
“Rusty” Reid. Harrison previously 
served as InsureZone’s director 

of development. Prior to joining 
InsureZone, Harrison was manager 
of development at Revenue Tech- 
nology Services Corp., a provider of 
revenue management software. 


ERIC GOLD- 
FARB, formerly 
the CIO at Indi- 
anapolis-based 
Macmillan USA, 
a division of 
global media 
company Pear- 
GOLDFARB son PLC in 
London, has been appointed CIO 
at Global Knowledge Network Inc., 
a Cary, N.C.-based provider of IT 


FRAN QUITTEL is an expert 
in high-tech careers and 
recruitment. Send 
questions to her at 
www.computerworld.com/ 
career_adviser. i 
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that lists IT posi- 
tions primarily at 
East Coast univer- 
sities and colleges. 
While faculty va- 
cancies typically 
occur in synch 
with the academic 
year, administra- 
tive hiring can oc- 
cur at any time. 
Many colleges 
and universities 
are moving away 
from mainframe 
applications to 
more client/server 


| and Web-based applications, 


notes Eric Blessner, CIO at 
HigherEdJobs.com in State 
College, Pa. 

Plus, you might have an 
additional edge over other 
job seekers if you understand 
how to express academic 
coursework on the Web and 
the implications of technology 
changes on the curriculum, a 
topic addressed by Denver- 
based eCollege.com. 

Beyond these wrinkles, IT 
within academic institutions 
mimics typical business. D 


training programs. Goldfarb will 
report to Duncan Anderson, presi- 
dent and CEO of Global Knowledge 


Luminent Inc. 
has named 
ROSS MAY- 
FIELD as its 
new CIO. In this 
role, Mayfield 

4 will lead the 

= , development of 
MAYFIELD a global infor- 
mation system to integrate opera- 
tions in the U.S., China and Taiwan. 
Mayfield will report to Luminent 
USA President Uri Levy. 

Mayfield recently served as a 
justice information specialist at 
SEARCH, a Sacramento, Calif.- 
based consortium for improving 
criminal justice information systems 
(www.search.org), where he devel- 
oped systems for two state courts 
and the Federal Reserve Bank. 

Prior to this position, Mayfield 
was CIO at Enterprise Systems Con- 
sulting Inc. in Irvine, Calif. 

Luminent, a manufacturer of 
fiber-optic components, is in 
Chatsworth, Calif. 





Add storage and content without adding more racks. With help from DataCore. Our SANsymphony™ software virtualizes storage, creating shared 


pools from any networked assets. So you can use storage from one server to alleviate the growing pains of another. For more on virtualization, 


read our free white paper at www.datacore.comVclick. After all, the best way to solve your storage problem is to keep it from ever becoming one 
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More hospitals around the world are running 
their “life-or-death” applications on Caché 
than on any other database system. 

With proven reliability like this, you should 
consider Caché for your critical applications. 


With its lightning speed and massive scalability, 
the performance of Caché makes it a perfect 
match for any enterprise, in any industry, with a 
requirement for fast transaction-processing 
applications capable of scaling to tens of 
thousands of users. 


Caché uniquely combines robust object and 
relational technologies, coupled to a multi- 
dimensional data engine. Plus, it includes a rapid 
Web application development environment. 


Caché is backed by 24x7 support from 
InterSystems — a leader in high performance 
databases for 23 years, with 4,000,000 users* 
worldwide in healthcare, financial services and 
other industries. 
InterSystems » 

Ee CACHE 

i 

CLL 

Make Applications Faster 


Download Caché for free or request it on CD at www.I|nterSystems.com 


* InterSystems’ database technology is used by Ameritrade, Hitachi, Johns Hopkins, Kennedy Space Center, 
Pepsi Cola, Prudential Insurance Co., Shell, U.S. Army, World Bank and other successful enterprises 
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CRM: CUSTOMIZATION 


In customizing customer relation- 
ship management software, the less 
tampering the better, say practi- 
tioners. But that hasn’t stopped 
some users from extending their 


CRM: WIRELESS 
APPLICATIONS 


Despite the growing de- 
mand for wireless CRM 
applications, IT man- 
agers must balance 
what users would like 
against what today’s 
technology will allow. PAGE 50 


FUTURE WATCH 


A computer being built in New 
Mexico will be able to perform 
more operations in one second 
than were performed by unaided 
human beings in all of history, says 
Stephen M. Younger. A former se- 
nior security official at Los Alamos 
National Laboratory, Younger envi- 
sions computers so powerful they 
become “self-aware.” PAGE 52 

A Dynamic Link Library (DLL) is a 
small application that’s called on 
by a larger application to provide a 
service or set of data. Although 
DLLs are specific to Windows, oth- 
er operating systems use similar 
programming techniques, such as 
Shared Objects in Linux. PAGE 54 


SECURITY JOURNAL 


Although he says there’s no re- 
placement for experience, security 
manager Mathias Thurman pre- 
pares to take a security certifica- 
tion exam in order to gain some ad- 
ditional credibility. PAGE 56 





ECHNOLOGY 


NICHOLAS PETRELEY 


Lowered XPectations 


’VE BEEN LOOKING INTO WINDOWS XP, and I may purchase a copy. 


No, I haven’t sold out. My integrity is unassailable 


unless the Mi- 


crosoft PR folks discover my one weakness and offer me a date with 


Shania Twain. 


I am considering Windows XP because I’m a sucker for Windows 
computer games, and I’m tired of Windows 98 SE crashing all the time. I’m 
most certainly not going to use it to do real work, however, and I strongly 


recommend that you don’t either. 


Windows XP has been surrounded by controversy. But none of the most 
controversial issues have anything to do with my verdict. Yes, Passport de- 


serves to be burned at the stake. But I have no inten- 
tion of signing up. Yes, Microsoft should be raked 
over the coals for threatening license audits to win 
long-term upgrade deals. But there’s nothing morally 
wrong with requiring individuals to register Win- 
dows XP. Having to do so again after hardware 
changes is annoying. Big deal. 

I’m giving it a big raspberry for business use be- 
cause almost everything about it is a sham. But worst 
of all, this sham is built on a foundation of needless 
complexity that exists only to make it difficult for 
developers to migrate applications from Windows to 
any other environment. 

Take fast user switching, for example. This feature 
makes for a great demo. Here’s mommy working on a 
document. Sally decides she wants to play a game. 
Thanks to fast user switching, mommy can take a 
break and Sally can log into her own account, com- 
plete with Hello Kitty desktop wallpaper, to play her 
game. All without mommy having to close the word 
processor and log out first. 

But the only reason Microsoft calls this “fast user 
switching” instead of “multiuser operating system” is 
because Microsoft has been referring to Windows 
NT as a multiuser operating system since 
it first appeared on the drawing board. 
Given that perspective, it seems rather pa- 
thetic that it would be a novel experience 
to see two different users logged in at the 
same time. 

Here’s a news flash for Microsoft: I can 
log in as four different users on my Linux 
desktop machine. XP users can have cus- 
tom desktop profiles? I can do better. Two 
of the Linux users are running the KDE 
desktop environment, one is running 
GNOME and another is running Window- 
Maker. I’m running several applications in 


NICHOLAS PETRELEY is a 
computer consultant and 
author in Hayward, Calif 
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each session, including the same word processor in 
three of them. I can switch from one session to an- 
other with a keystroke. Call me when XP can do that. 

What worries me isn’t that Windows XP won't 
catch up, but how it will work under the hood if it 
does. One reason Unix juggles multiple users well is 
because its designers didn’t have “Prevent develop- 
ers from moving to other platforms” as their first 
priority. This led to sane practices, such as restrict- 
ing an application’s ability to write to any directory 
except the temp directory, the user’s home directory 
and perhaps a device. 

In sharp contrast, Windows XP doesn't just allow 
applications to write to system files, it expects them 
to. That’s why legacy applications often misbehave 
when two different users run them on the same ma- 
chine at the same time. If the legacy application is 
accustomed to writing data to the HKEY_LOCAI 
MACHINE key in the system registry, the users will 
either experience data access errors or they will 
overwrite each other’s data. 

Microsoft’s proposed solution is to get developers 
to rewrite their applications to use the HKEY 
CURRENT_USER registry key. What I want to know 
is why should applications be able to 
write to any system registry files? Not 
only is it totally unnecessary for all of 
Windows to live or die by a few critical 
files structured as an incomprehensible 
hierarchical database, but it’s also just 
plain irresponsible to expose any of these 
files to user applications. To do so turns 
every bug into an opportunity for sys- 
temwide mischief. 

I wish I could say that’s the worst of it, 
but there’s more. I’ve saved Microsoft’s 
“crowning achievements” for Windows 
XP until next week. D 





Customizing a CRM application 
is risky, users say. But in some 
cases, the benefits make that 
worthwhile. By Marc L. Songini 


ESSNA AIRCRAFT CO. faced 
an unusual problem in arm- 
ing its salespeople with the 


right data to make and close 


deals: It wanted to install a 

sales force automation tool 

and connect it to the “most 

extensive” customer data- 

base in the aircraft industry, 
says Dave Turner, manager of network 
systems at the Wichita, Kan.-based air- 
craft manufacturer 

Originally, database administrators 
had to look up prospect information, 
print it out and then fax it to salespeo- 
ple. The system also generated multi- 
page end-of-month printed reports. To 
save money, time and effort, Cessna de- 
cided to automate the process. 

The sheer size of the database made 
the task daunting. Cessna needed to be 
able to extract information 
not only about its customers 
but also on individual air- 
planes and then slice and dice 
the data and get it out to the 
global sales force. The compa- 
ny decided to customize the data mod- 
els — the sort of move many users and 
analysts view as a risky proposition. 

The less tampering users do with 
vanilla applications the better, practi- 
tioners say. Customizing customer re- 
lationship management (CRM) soft- 


| This includes having access to devel- 


| and configure business rules and 


| goals. “Given that every organization 


TECHNOLOGY 


ware can be expensive, difficult and 
time-consuming, and it can make the 
core application unstable and difficult 
to upgrade. Indeed, some users advo- 
cate retooling business processes 
rather than tinkering with CRM code. 
However, for companies that need to 
preserve a competitive advantage, 
adding vertical-market features or ex- 
ploiting homegrown technology may 
make sense. 

Rather than customizing, look for 
applications that are flexible enough to 
allow changes through configuration, 
says Steven Bonadio, an analyst at 
Meta Group Inc. in Stamford, Conn. 





oper tool kits, being able to develop 


| 
workflows, and adding new fields on 
the user interface layout. 
On the other hand, Bona- 
dio says, it’s unrealistic to 
assume that there will be no 


customization. The degree of 

tweaking will depend on the 

sophistication of the user’s 
operations, whether external interfaces 
are needed and the CRM project’s 





has unique business requirements, 
some combination of both configura- 
tion and customization is often neces- 
sary,” Bonadio says. 


| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 


Cessna chose Fairfield, N.J.-based 
StayinFront Inc.’s Visual Elk sales force 
automation product and Panorama de- 
cision-support tool to extract customer 
information stored in a Microsoft SQI 
Server database. The project required 
programming services from Stayin- 
Front to create special data models be- 
fore two in-house developers took over. 

“It’s always growing,” says Turner. 
“You don’t make it too complex. De- 
fine the requirements very clearly, and 
live, breathe and eat and drink the re- 
quirements. You need to be hard in not 
letting people change the scope of it.” 

When the new system went live, 


| salespeople were able to access the 


database from their desktops — both 
through Web interfaces and other con- 
nections, notes Turner. “They look it 
up in Zimbabwe as the plane rolls up 
on the ramp and look in the database 


A GLANCE 


Should You 
Customize? 


It’s worth considering if you: 

w Need industry-specific features 
w Require changes for competitive 
advantage 

m Need to preserve legacy code 
and processes 


But be aware of the trade-offs: 
w Customization and ongoing 
maintenance may be expensive. 

w Programming changes may cause 
problems with the core application 
w CRM software upgrades may not 
work with the customized code. 
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and find out who is the chief pilot, who 
owns it and who operates it,” he ex- 
plains. “It also allows them to do 


| queries by region.” 


| Competitive Customization 


Despite successes, users offer 
caveats about customizing. “Maintain- 
ing customization gets difficult, and 
you don’t get to take advantage of new 
[upgrade] functions,” warns Greg Au- 


| gustine, director of CRM and e-com- 


merce at TidalWire Inc., a Westboro, 
Mass.-based distributor of storage in- 
terconnect products. Nevertheless, 
the company decided to customize its 
e-business Web site, which includes 
applications from San Mateo, Calif.- 


| 3 5 
based Siebel Systems Inc. 


In order to preserve the look and feel 
of its existing e-commerce site, the firm 
used a customized version of Siebel’s 
catalog product. Boston-based CRM 
services provider Akibia Inc. handled 
integrating the catalog with TidalWire’s 
e-business site. To keep users from hav- 
ing to log in twice — once to get into 
the main site and a second to get into 
the catalog to make purchases — Tidal- 
Wire used Microsoft Corp.’s Active 
Directory and a special user interface, 
Augustine says. 

The project took four months and 
cost thousands of dollars but was worth 
the effort, Augustine says. TidalWire 
now has a single product catalog that 
serves its sales force, operations group 
and Web site. Web requests for price 
quotes and orders are automatically di- 
rected to the right salesperson and can 


be tracked along with sales data, he says. 


Some companies opt to avoid cus- 
tomization. Alberta Treasury Branch- 


Extendine 
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Cessna’s salespeople have access to data through four channels: They can use a thin-client Citrix Systems Inc. MetaFrame 
eSSsild | om ~Server, the Web or a direct LAN connection, or they can periodically sync up the desktop to the network. StayinFront’s Panorama 
software extracts requested data from the SQL Server database, which contains customer information, airplane data, main- 
tenance records and other information, and routes it to the requester through the appropriate channel. Cessna modified the data models and business rules in StayinFront’s Visual Elk to allow special 
sets of data to be presented to each client type. 
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nd database sérvers 
rosoft SQL Servet 


a. promadians and 
processing groups 
Desktop client LAN'¢onnector 


intranet users, internal staff 


Web connector. 


CRM/sales force automation server 
Visual Elk Sales force automatigit software, 


Panorama détisian-support software 


es, an Edmonton, Alberta-based bank, 
was able to use IBM’s MQSeries appli- 
cation messaging software to enhance 


its Siebel CRM call center system. The 


bank wanted to share real-time trans- 
action updates with service staff, says 
Ken Casey, vice president of opera- 
tions. MQSeries ties the back-end host 
with the Siebel applications in the call 
center in near real time. 

By knowing exactly what custo- 
mers’ financial status is, the bank has 


Citrix MetaFrame 
server 


€all center group 
Ciffix thin-client connedtor 


been able to improve customer satis- 
faction, reduce errors and save money 
by making the process more efficient. 
The bank hired IBM to build inter- 
faces to its host while tinkering with 
the core technology as little possible, 
Casey says. 

However, he notes that the bank was 
cautious about the project. “The last 
thing we wanted to do was fool around 
with something that was a proven 
technology,” he says. D 


CRM 


. Sales groups / 
Remot@gynchronization cannector 


— > LAN line 
~~ > Web connection 
> Dial-up connection 


A Collaborative Effort 


CreoScitex hopes to avoid customization issues by adding 
mySAP’s collaboration capabilities to its application suite 


Not every add-on function requires cus 
tomization. Some users prefer to combin 
appiication suit 


vendor tor easier | 


omponents from a sin 
nstallation. But in the 
of collaboration, few tools are available t 
day that let CRM applications talk tc I 
applications, says Erin Kinikin, an analyst at 
Cambridge, Mass.-based Giga Information 
Group Inc 

At CreoScitex in Burnaby, British Colum 
bia, employees are rolling out collaborative 
features in SAP AG's mySAP.com Web- 
based CRM module across 30 offices 
worldwide. The CRM rollout will tie together 
a variety of information systems and allow 
CreoScitex to share customer data through- 
out the enterprise 

A division of Creo Products Inc. that sup- 
plies digital prepress equipment to the 
graphic arts industry, CreoScitex more than 
doubled in size following a merger in April 
last year. It needed to connect different 


legacy systems and allow business partners 


and customers to collaborate. The multi- 
million-dollar project is slated for comple 
tion by the end of next year. 

“We'll get payback through cost savings 
in two years through efficiency improve- 


points, is very important, says 

He notes that the mySAP sui 
contains middleware to translate c 
tween the R/3 and CRM systems, minimizing 
the customization requirer 
difficulty of the project 

“We think that very little customiz 
will be required,” Pritchard says. He ad 
however, that linking mobile u 
will be “quite a bit more complicate 
the need to keep laptops and centra 
base records in sync.” 

Mare L. Songini 
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TECHNOLOGY 


The technology limitations of 
wireless largely determine which 
CRM applications are practical 


today. By Marc L. 


HEN THE state of Cal- | 
ifornia faced rolling 
power blackouts last | 
summer, it decided it | 
needed to let the 
public know what 
was going on by way 
of the wireless Web. 
To make that happen, 
the state developed a wireless notifica- 
tion system that sends out personalized 
alerts from the My California state In- 
ternet portal (http://my.ca.gov/Atate, 
portal/myca_homepage.jsp). Using ap- 
plications from Kana Communications 
Inc. in Redwood City, Calif., wireless 
users can subscribe to receive automat- 
ic e-mail notifications of impending 
blackouts, traffic alerts, press releases 
and even winning lottery numbers, says 
Arun Baheti, director of 
e-government for the state of 
California. 
The state internally devel- 
oped software hooks to let 
users of personal digital assis- 
tants (PDA), cell phones sup- 
porting the wireless access 
protocol (WAP) or other WAP devices 
receive text messages. And these users 
can access a stripped-down version of 
the existing My California Web portal 
by way of a wireless gateway server. 
The state is an early adopter, pio- 


Songini 


neering the wilds of wireless customer 
relationship management (CRM). 
Users see the potential value in some 
basic applications today, but they also 
face technical obstacles that limit 
which applications are right for wire- 
less. Those obstacles include questions 
about connection security, session reli- 
ability issues, coverage limitations, de- 
cisions about what data to reformat for 
smaller screens and the possible need 
to re-engineer business processes to 
accommodate wireless users. 


| Growth vs. Maturity 


The demand for wireless CRM ap- 
plications is growing. According to a 
recent report from Scottsdale, Ariz.- 
based Cahners In-Stat Group, about 
47% of the U.S. workforce will have 

access to PalmPilots, WAP 
phones, pagers and other 
mobile computing devices by 
year’s end. By 2004, it said, 
60% of the workforce will be 
using wireless devices. And 
domestic businesses are ex 
pected to spend $37 billion 
on wireless services this year, a figure 
that will jump to $74 billion in 2005. 

Fueling this growth is the continued 
evolution of wireless technology and 
the fact that it’s relatively cheap to de 
ploy, according to Cahners In-Stat. 


But users and analysts still have 
some big doubts about the state of the 
technology. “Overall, it’s still in its in- 
fancy,” says Dennis Gaughan, an ana- 
lyst at AMR Research Inc. in Boston. 
“When I talk to end users about wire- 
less in general, there is still the ques- 
tion about the maturity of the underly- 
ing technology and security.” He notes 
that companies tend to roll out CRM 
packages in stages, and wireless is gen- 
erally considered in Phase 2 or 3. 

Today’s wireless CRM applications 
come in two flavors, Gaughan says. 
Wireless infrastructure vendors offer 
applications that can be adapted for 
CRM, such as IBM’s WebSphere 
Everyplace Suite. 

Business application vendors, such as 
SAP AG and San Mateo, Calif.-based 
Siebel Systems Inc., either offer CRM 
applications with embedded wireless 
capabilities or provide add-on prod- 
ucts that attach to application servers 


A GLANC 


| Should You 
Go Wireless? 


w Wireless CRM currently works best 
for e-mail alerts and information 
tidbits such as checking flight times 


@ Slow transmission speeds, small 
screen sizes, intermittent connections 
and other technical issues currently 
limit wireless CRM's usefulness for 
more sophisticated applications 

w Emerging 2.5G and 36 cellular 

| wireless technology should eventually 

| improve performance and reliability. 
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and enable mobile connectivity. These 
vendors typically offer two options: 
browser-based real-time access to 
back-end applications or a Windows 
CE or Palm-based client/server applica- 
tion that offers local, off-line access to 
limited data subsets and periodic syn- 
chronized updates to the application 
server. Since synchronization takes 
place in the background, the latter ap- 
proach makes slow connections and 
dropouts tolerable while allowing off- 
line access to data. However, browser- 
based access lets users see real-time 
changes to account information. 

For instance, administrators using 
the mySAP CRM application can in- 
stall the mySAP Mobile Business mod- 
ule on the application server or an at- 
tached server and deliver data to any 
wireless device with a browser inter- 
face. The system can be configured for 
real-time or synchronized data access. 

For some users, the state of wireless 
CRM technology is good enough; the 
only question is figuring out how to 
use it properly. That was an issue for 
the state of California when dealing 
with its energy crisis. “There’s nothing 
inherently good about having things on 
the Web or wireless,” says Baheti. “Part 
of the problem is finding an applica- 
tion that makes sense on wireless. 
There is no rationale to make it all 
wireless-enabled. Each particular 
channel has its benefits and disadvan- 
tages, and you need to find the right 
product to offer on wireless.” 

In California’s case, the impetus 
came when the governor mandated 
that citizens be able to receive rapid 
notification of impending outages 
without relying on broadcast media. 


tringsAtt 
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California Wireless Traffic Flow 


TECHNOLOGY 


The State of California offers its wireless users both WAP-based browsing and e-mail 
Notification services. E-mail alerts: When a power alert or traffic event occurs, the My 
California portal triggers an e-mail notification to wireless subscribers. The dynamic e-mail 


generator queries a back-end customer database and creates a message for each subscriber. It forwards the messages to the e-mail sender, a 12-server farm that can send up to 35,000 e-mail 
messages per hour via SMTP. Users with WAP or Short Messaging Service-enabled cell phones or a wireless PDA can receive the messages. WAP access: Users with WAP devices can access the 
state's Web site to view specially formatted highway information, lottery results and press releases from the governor's office. When a page is requested, the WAP server queries the Web. : 


application server, which polls the back-end database for the latest content. The WAP server dynamically creates a Wireless Markup Language 


Broadvision £ 
ication se; 


Others are waiting for improvements 
in wireless technology before pursuing 
more ambitious projects. New commu- 
nications technologies are needed that 
offer better security and reliability, says 
Richard Shipley, director of informa- 
tion systems at San Francisco-based 
Pacific Gas & Electric Co. The utility 
plans to use Kana software to send 
wireless e-mail to its customers and 
deliver power-grid alerts. Beyond 
wireless e-mail, Shipley says, “a num- 


iPlanet WAP / 
server t 


Peewee 


apna 


ber of our core business processes 
could be improved by the application 
of mobile wireless technology,” but not 
for another year or two, when high- 
speed third-generation (3G) cellular 
networks are due. 

Others users echo that view. “You 
should be leery,” says Chris Mausolf, 
manager of e-commerce at St. Paul, 
Minn.-based Northwest Airlines Inc. 
“There are a lot of software and service 
companies that call on a daily basis of- 


ched 


fering wireless assistance, and that can 
be expensive and not get you where 
you need to be.” Northwest has offered 
wireless access to back-end systems 
for the past two years using home- 
grown applications. Customers can use 
their PDAs to get information tidbits 


such as flight and gate status. 


Keeping It Simple 

To make the system work, North- 
west created XML-based software 
hooks that tie portions of its Web site 
to wireless network services from 
AvantGo Inc. in Hayward, Calif. 

“What we were really trying to focus 
on were things that provide the most 
utility for customers,” says Mausolf. 
“We don’t want to inundate a small 
window on a wireless cell phone. We 
definitely don’t want them to down- 
load the entire Internet site.” 

Northwest also forwards information 
to customers automatically; customers 
especially like getting flight departure 
times and other data sent to them, he 
says. Mausolf declines to divulge costs 
but says that because the work was 
done in-house, the integration was in- 
expensive and is paying for itself in re- 
duced call center loads as more cus- 
tomers rely on wireless self-service. 

“There are limitations to what we 
can do with WAP right now,” says Billy 
Pickle, applications expert at Southern 


page and routes it to the user. 
dade 


Co. Currently, field personnel at the 
Atlanta-based utility still rely on sim 
ple radios with screens that provide 
text-based messages from headquar- 
ters. The radios, from Schaumburg, 
Ill.-based Motorola Inc., 
a call center system from Brampton, 


Ontario-based Nortel Networks Corp. 


interface with 


The wireless network has been in place 
since 1997, when Southern built an in- 
ternal interface to its back-end systems 
to send pages to field technicians 
Pickle would like something more 
advanced. “There’s a limitation to the 
amount of data you can stuff into one 
of these,” he says. Pickle wants users to 
be able to respond to messages, a capa- 
bility currently unsupported securely 
by the system, and transmit things like 
billing data into the back end. 
Southern is now considering using 
either a real-time system or one that 
would rely on PDAs or mobile worksta 
tions that periodically synchronize 
with the back-end system. The key, 
however, is to make sure it doesn’t fur- 
ther complicate the service workers 
lives. “They’re out in the field driving 
to different sites, and we don’t want 
them to have one of these nuisances 
with cell phone issues,” says Pickle. B 
To find out mo 
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TECHNOLOGY 


Computer 


Consciousness 


Stephen M. Younger is a nuclear physi- 
cist and was until recently the senior as 
sociate director for national security at 
Los Alamos National Laboratory in 
New Mexico, where his job was to ensure 
the safety and reliability of the nation’s 
nuclear arsenal. The national labs use 
the world’s most powerful computers to 
simulate the behavior of nuclear devices. 
Los Alamos is now building a mam- 
moth machine, code-named Q, that will 
occupy a half-acre of floor space and 
compute 30 trillion operations per sec- 


ond. “In one second, Q will be capable of 


performing more operations than were 
performed by unaided human beings in 
all of history,” says Younger. 

He recently outlined to Computer- 
world’s Gary H. Anthes his vision for 
computers so powerful they could be- 
come “self-aware.” 


How rapidly are computers advancing? In 
1945, the maximum rate of compu- 
tation that a normal person could 
sustain was about one operation 
per second. By 2005, the rate of 
calculation on the fastest super- 
computer is expected to exceed 
100 trillion operations per second. 
Nothing else in human history has 
advanced by a factor of 100 trillion. 
it is an absolutely astonishing ad- 
vance in any single human activity. 


Can that continue indefinitely? First, we 
still have a number of generations 
to go with silicon in traditional 
microprocessors. Second, quan- 
tum computing is moving from 
the highly speculative to the dis- 
tinctly interesting. Third, I am be- 
ginning to think that the days of 
very large instructional set com- 
puter programs might be coming 
to an end. Maybe we'll go to mas- 
sive neural nets. Most of the cal- 
culations we do now are using 
techniques developed in the ’20s 
and 30s, with paper and pencil in 
mind. So we may go to very differ- 
ent ways of doing software. 
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WHO IS HI 
Stephen M. Younger 


is a nuclear physicist, 


an authority on 


supercomputing and 


a former national 
security expert at 
Los Alamos. 


ve spoken of a social revolution that 
will result from today’s developments 
in biology and supercomputing. Can 
you give an example of a social issue 
that will arise with very powerful 
computers? Supercomputers will 
enable [military] commanders to 
sort through more information in 
a fraction of a second than they 
could otherwise do in a lifetime. 
Some of this information will be 
sent to unmanned aerial vehicles 
or unmanned tanks that will fight 
the actual battle. Would we permit 
a machine to decide which human 
beings live and which die on the 


Creating a self- 

aware ma 

would give us a 
companion, 
something to 
talk to about 
major issues. 


STEPHEN M. YOUNGER 
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battlefield? This is not far-fetched. 
It’s a decision that will confront us 
in this decade 


You've suggested that we'll build supercom- 
puters with artificial consciousness. 
Why would we want to do that? We 
are, as a fully conscious species, 
alone. Creating a self-aware ma- 
chine would give us a companion, 
something to talk to about major 
issues. It could help us to better 
understand ourselves. The cre- 
ation of an artificial consciousness 
will be the greatest technological 
achievement of our species. 


You've even suggested that such a ma- 
chine might have a soul. When you 
create an object that is self-aware, 
that has an existence of its own, 
you assume a responsibility in 
some way. So it’s important to un- 
derstanding whether it has a soul 
or a spirit [that’s] in some way 
analogous to a human spirit. 
Could we just unplug it? Would 
that be murder? Are we required 
to sustain it indefinitely? Would it 
even want to live forever? 


Will we really build such a machine? I 
think that we will, and within 20 
years. Anything that increases by a 
factor of 100 trillion in 60 years 
you have to watch, because some- 
thing really exciting is going to 
happen. 


Are there any dangers in creating these 
things? You don’t want to give 
them decisions over human be- 
ings. You don’t want to create 
autonomous war robots or things 
like that. 


What might be the architecture of such a 
machine? It will be a different de- 
sign of hardware — silicon-based, 
a massive neural net, massively 
parallel. It won’t be an instruction- 
al-set computer [with] slavelike 
execution of a set of instructions. 
The only thing we know that’s con- 
scious is our brain, so we make 
something that’s analogous to our 
brain. It not only has to learn; it has 
to have the opportunity to change 
its environment, just as we do. 


How far could we take this? People have 
said we could create our own suc- 
cessor as a species. Could we? 
Yeah, we could. But human beings 
are essentially beautiful creatures. 
I see this machine as helping us, 
not replacing us. D 
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BY ALAN JOCH 
YNAMIC LINK Li- 
braries grew in 


popularity in the 


mid-1990s as sim- | 


ple 


for linking and sharing soft- | 
ware code with Windows ap- | 


plications at runtime. In con- 


cept, the DLL did for Windows | 


terminate-and- 
programs 


what earlier 


stay-resident tried 


less successfully to do for DOS. | 


Because DLLs are called at 
runtime, they can be modified 
and updated without having to 
recompile the larger applica- 
tion that uses them. In addi- 


tion, multiple applications can | 
use the services or data within | 


a communal DLL, thus reduc- 


ing memory demands in multi- | 


threaded applications. 

DLLs also save on memory 
because they don’t get loaded 
at the same time as the main 


(calling) program. A DLL file | 


isn’t loaded and run until it’s 
needed. For example, if a user 
is running Microsoft Word or 
Excel, he can work for a long 
time without needing to load 


the printer DLL into memory. | 


Only when the user decides to 
print the document is the 
printer DLL loaded and run - 
and then unloaded. 

DLLs were created in the 
days of the client/server com- 
puting movement, when devel- 


opers needed a way for appli- | 


cations to interact with other 


programs and systems. But as | 
| you’ve 


the use of DLLs on individual 
PCs increased, so did compati- 
bility and security problems. 
“The approach is great in a 
single-user format, but not in a 


robust environment,” says Fred- | 
erick G. Kohun, associate dean | 
of the School of Communica- | 
tions and Information Systems | 


at Robert Morris College in 
Moon Township, Pa. “What 


scares me about DLLs on the | 


client end is they make all the 
machines within the organiza- 
tion vulnerable to virus 


@ Are there technologies or issues you would like to learn about in QuickStudy? Please 


mechanisms | 
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HOT TRENDS & TECHNOLOGIES IN BRIEF 


Dynamic Link Librari 


DEFINITION 


A Dynamic Link Library (DLL) is a small application 
(or sometimes a group of them) that’s called on 
by a larger application to provide a service or 
set of data. DLLs may reside within the Win- 
dows operating system itself or within Windows 
applications. Although DLLs are specific to 
Windows, other operating systems use similar 
programming techniques, such as Shared Ob- 
jects in Linux. 


Dialing for DLLs 


A Windows application launches the “LoadLibrary” or “LoadLibraryEx” commands to find the DLL. 


If the command succeeds in its search, it loads the DLL into the same virtual address space as the 


application.* 


The application then sends the “GetProcAddress” command to determine the addresses of the 
services or data associated with the DLL. 


“GetProcAddress” returns the addresses to the application. 


The application employs the services or data of the DLL. 


When finished with the DLL, the application invokes the “FreeLibrary” or "FreeLibraryAndExitThread” 
command to remove the DLL from the virtual address space. 


*/f the DLL search fails, LoadLibrary or LoadLibraryEx send back a Null response. At that point, the application may seek 
out an alternative DLL, or the user of the application may manually type in the correct path to the intended DLL 


tacks. Every time you do a run- 
time load, [a virus] can attach 
to the operating system.” 


If you’ve gotten that far, then | 
the | 


probably heard 
phrase “DLL hell.” This is a sit- 


| uation caused when an appli- 
| cation is installed that requires | 
| a specific, often older version 
of a “standard” Windows DLL. | 


The new application installs 


the old version, replacing the | 
newer one, and as a result, | 


| DLL Makeovers 


some other applications may 
no longer work properly. The 
situation gets worse as new ap- 


plication releases and new ver- 


sions of Windows increase the | 


number of DLL versions. 


Nevertheless, DLLs set the 
stage for more sophisticated 
offspring called software com- 
ponents, the encapsulated ap- 
plications now being built 
around COM/DCOM from Mi- 
crosoft Corp., the Common 
Object Request Broker Archi- 


| tecture (CORBA) from Need- 


ham, Mass.-based Object Man- 
agement Group Inc., and the 


Java standards from Sun Mi- | 


crosystems Inc. 


Software components carry 
on the DLL tradition of allow- 
ing programmers to build re- 


usable code libraries in binary | 


| 
| 
| 


| cluding 


form and not forcing cus- 
tomers to recompile applica- 
tions, notes Francis Beaudet, 
chief architect at Macadamian 
Technologies Inc., a software 
development and consulting 


firm in Ottawa. Beaudet spe- | 


cializes in developing interac- 
tive Web applications using 
Enterprise JavaBeans. 
“Component architectures 
like DCOM or CORBA build 
on the concept of the DLL by 
adding more functionality, in- 
networking support 
and authentication,” he says. 
“You could even say that COM 


is just a smarter, better way to | 


use DLLs.” 
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Software developers are now 
relying on the more advanced 
software-component option 
rather than on standard DLLs. 
That’s partly because the stan- 


| dards that define the makeup 


and activity of components 
makes the dynamic linking of 
libraries and applications more 
efficient and less vulnerable to 
viruses. And instead of having 
DLLs residing on individual 
PCs as in the early client/serv- 
er era, systems architects are 
finding central homes for the 
software components. 

“We now see three layers: 
the graphical layer, the middle- 


| ware layer and the data ware- 


house layer,” says Kohun. “The 


notion is that a DLL no longer 
| resides on the desktop. They’re 
| now at the middleware level.” 


“[DLLs] are now hidden be- 
hind a layer of glue code that 


| takes charge of finding, loading 
| and linking your application 


with the DLL,” Beaudet says. 
The result: the widespread 


| availability of reusable compo- 


nents, shared objects and in- 


terfaces among Web-based 


| applications. “But in the back 


the same old 
DLL,” Beaudet says. “The 
mechanism itself will continue 


it’s still 


| to work as it always worked.” 


In fact, when you access a 
page with an ActiveX 
component, your browser is 


| downloading a DLL from the 


Web server, installing it on 
your PC and linking with it. 
“Tt’s called a compo- 
nent, but that DLL has the same 
internal structure as the ones 
that were installed on your PC 
with Windows 95 six years 
ago,” Beaudet says. “Only the 


now 


| delivery method changed.” D 


Joch is a freelance writer in 
Francestown, N.H. 
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It's Worth the Effort 


TECHNOLOGY 
Security Certification: 


After resisting the idea for years, Mathias decides 
it’s time to study for the CISSP exam 


BY MATHIAS THURMAN 
HIS MONTH, I’m going 
two directions at 
have had several tasks 
complete in light of the 


once. 
to 


Sept. ll tragedy in order to | 


reduce the impact of a potential secur- 
ity breach or disaster at my company. 
And after hours, I’m preparing for a 
security certification exam. 

In my day job, I have 
user account audits under 
way, and we're about to 
implement group struc- 
tures within our Windows 
NT domain to ease admin- 
istration. This powerful 
NT feature lets us config- 
ure groups with different 
access privileges and place 
users into the groups that 
the proper 
profiles their 
That should make it easier 


have access 


for roles. 


user base 

Our CIO is in the pro- 
cess of executing what’s 
called a “structured walk- 
through” of our disaster recovery plan. 
We'll do this by using checklists and 
running through different 
with key staff. If the structured walk- 
through is a success, we will proceed 


scenarios 


with a more realistic test using one of 


our hot sites. 
As for physical security, the security 


- rouse 
to apply a consistent set of 5 
security rules across our 


guards down in the lobby seem to have | 


an increased awareness of who’s com- 
ing and going. And it seems that most 
employees are more aware of their 
surroundings and more diligent in 
questioning unusual behavior. 

I decided about a month ago to start 
studying for the Certified Information 
Systems Security Professional (CISSP) 
certification offered by the Internation- 
al Information Systems Security Certi- 
fication Consortium Inc. (ISC)? in 
Framingham, Mass. The CISSP is well 


respected within the information secu- 
rity community and is a highly desired 

or even required — certification in 
some industries. Every so often, I do a 
search of the employment Web sites for 
the CISSP, and the number of listings re- 
quiring that certification is increasing. 

The CISSP exam consists of 250 mul- 
tiple-choice questions. The exam cov- 
ers 10 common bodies of knowledge 
(CBK), ranging from access 
control to cryptography 
and physical security. 
(ISC)* says that security 
professionals with at least 
three years of experience 
should have the knowledge 
necessary to pass the exam. 
The problem is that, like 
most security profession- 
als, I don’t have three years 
of knowledge in every one 
of the CBKs. 


Why Now? 


My colleagues have asked 
why I’ve waited this long to 
get my CISSP certification. 
In the 
thought that I didn’t need a 


past, I’ve always 


certification, that they were a waste of 


time and money, and that experience is 
far better that some acronym next to 
my name. 

My experience with job applicants 
reinforced those perceptions. About 
four years ago, I interviewed a candi- 
date for a security administrator posi- 
tion. His résumé included many 
acronyms, such as ones that stand for 
Microsoft Certified Systems Engineer, 
A+ and Certified Novel Administrator. 
He professed significant experience 
with Solaris administration and firewall 
installation and maintenance. He also 


| claimed to have experience with securi- 


ty tools and other security applications, 
so I was excited to interview him. 

When he arrived, I was duly im- 
pressed. He was about 30 years old and 
was dressed appropriately for the inter- 


view. However, as the interview pro- 
gressed, I realized that this person had 
little real-world experience in security 
or systems administration. His certifi- 


| cations were all gained through crash 


courses intended to teach you what you 
need to know to pass the certification 


| tests. 1 needed someone who could hit 


| the ground running. I didn’t have time 


to train anyone. 

Since then, I’ve had similar experi- 
ences with other candidates. That’s not 
to say that there aren’t respectable cer- 
tifications. The Cisco Certified Inter- 
networking Engineer, which includes a 
hands-on lab test, is probably the most 


| difficult. In my experience, individuals 


with this certification are generally 
well qualified and well versed in some 
facets of information security as well. 

I decided to finally give in and take 
the CISSP exam after meeting several 
security professionals who have stud- 
ied for it. I was impressed with their 
knowledge, and they had nothing but 


| great things to say about the program. 


I also considered the SANS Insti- 
tute’s Global Information Assurance 
Certification (GIAC) Program. SANS 
has always been a leader in security 
information and programs. Its certifi- 
cation covers a wide range of informa- 
tion security issues and is especially 
common in the government sector. It 
sounds a bit trivial, but I chose the 
CISSP over the GIAC exams based 
purely on popularity. For example, one 


| job search engine produced aiimost 100 
| hits on CISSP vs. 14 hits for GIAC. 


I gave myself two months to study for 


the exam, and I’m almost done. I spend 


at least four hours a day after hours and 
as much time as possible on weekends. 

For reference material, I’m using 
three publications (see box at right). 
I’m also using an excellent Web site, 
http://www.cccure.org, which contains 


| reference materials and links that will 


help me pull together the many docu- 
ments, presentations and programs I 
may need to prepare for the CISSP 


| exam. I assembled a binder containing 


printed material from the Web site and 


| am using it for study. For each of the 10 


sections, I read one chapter each from 
the publications, then review the print- 
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SECURITYBOOKSHELF 


The CISSP Prep Guide: Mastering 
the Ten Domains of Computer 
Security, by Ronald L. Krutz, Russell 
Dean Vines and Edward M. Stroz (Wi- 
ley, 2001). This is the best book for 
CISSP preparation. It contains a wealth 
of pure study information. There are no 
stories, few opinions and few real-world 
examples — just what you need to know 
to effectively study for the exam, includ- 
ing a 200-page appendix and glossary. 


Information Security Management 
Handbook, Fourth Edition, edited by 
Micki Krause and Harold F. Tipton (Auer- 
bach Publications, 1999). This should 
be required reading. Unlike the Prep 
Guide, it contains many examples to 
help readers understand the concepts. 


CISSP Exam Textbooks (theory 
and practice), by S. Rao Vallabhaneni 
(SRV Publications, 2001). I've heard of 
people studying only the SRV publica- 
tions and passing the test, but I've 
found errors, and some sections are a 
bit confusing. However, if you haven't 
taken a multiple-choice test lately, the 
practice volume is a good option. 


LINKS: 


www.isc2.org: Visit the (ICS)2 site 
for information on CISSP seminars 

and online study groups. | recommend 
joining its free mailing list, which gener- 
ates about 15 messages per day. 


www.cccure.org: An excellent re- 
source for CISSP preparation. Check 
out the study group and mailing list. 


www.cissps.com: |f you're weak on 
cryptography, this site has an excellent 
reference. 


ed materials. Finally, I’m taking what- 
ever practice exams I can get my hands 


; on. After going through all 10 segments, 


I’ve gone back to study my weak areas: 
cryptography, security models and 
physical security. I also made flash- 
cards to help with the more difficult 
concepts. 

Do you have resources you're using to 
prepare for the CISSP or GIAC exams? 
If so, | welcome your suggestions in the 
Security Manager’s Journal forum. D 


ok 


For more on the Security 
Manager's Journal, including past 
journals, visit 
www.computerworld.com/q?q2000 


® This week's journal is written by areal security manager, “Mathias Thurman,” whose name and employer have been disguised for obvious reasons. Contact him at mthurman@hushmail.com or go to the Security Manager's Journal forum. 
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TECHNOLOGY 
Software Knows 
When to Tell a Secret 


Courion’s password management 


software eases help desk headaches | 


BY AMY HELEN JOHNSON 
EING A NETWARE 
shop 
dilemma _ for 
Mutual Life 
ance Co., says Nan- 
cy Alter, manager of the help 
desk at the Horsham, Pa.-based 
company. 


Penn 
Insur- 


dent insurance agents were re- 
quired to change 


every 90 days for better securi- | 


ty. But because of the way the 
server software implemented 
account privileges, users need- 


ed full administrative rights to | 
their | 


the change 
own passwords. 

Penn Mutual handed the job 
to the firm’s two security peo- 
ple, 
solving 
them away from more strategic 
tasks, says Alter. 
focus should not be on reset- 


servers to 


but the time they spent 


user problems took 


ting passwords,” she says. 

So Alter brought in 
wordCourier from Courion 
Corp. in Framingham, Mass., to 
let help desk staffers perform 
password changes. 


Pass- 


created a | 


Penn Mutual’s 800- | 
plus employees and indepen- | 


passwords | 


| witz Group Inc. in 


“Clearly, their 


The prod- | 


uct gave Penn Mutual a secure, | 
authenticated method of chang- | 


ing passwords that didn’t in- 
volve granting administrative 
privileges. It also reduced the 
average time to solve password 
problems from about 20 min- 
utes to three to five minutes, 
says Alter. 


Enforcing the Rules 


Moreover, she says, the com- | 
pany’s overall security has im- | 


proved because Password- 


Courier enforces strict authen- | 


tication rules that confirm the 
identity of the user before the 
passwords are changed. 
cording to Alter, the next step 
is to allow employee self-ser- 
vice 
themselves. 


Ac- 


and train users to help | 


Products like Password- 


| Courier provide better securi- 


ty within a cost-efficient self- 
service environment, says Pete 
Lindstrom, an analyst at Hur- 
Framing- 
ham. “Password-reset is 
biggest security problem in an 
enterprise today,” he says, “and 
[PasswordCourier] solves not 


Courion Corp. 


1881 Worcester St. 
Framingham, Mass. 01701 
(508) 879-8400 


The technology: Password and 
identity management automation 
software. 


Company officers: 

¢ Chris Zannetos, president, CEO 

and founder 

* Brian Milas, chief technology 

officer 

¢ John G. Mokas, chief financial 
officer 


Milestones: 

¢ June 1996: Company founded 
December 1996: First product 
released 

May 1999: Courion received first- 
round funding 

* November 2000: Received 
second-round funding 

* October 2001: Released latest 


the | 


| a user 





only a security problem, but 


| the service problem.” 


Courion CEO Chris Zan- 


netos says 
provides users with a simple 
graphical user interface (GUI) 
that allows them to change 
their 


passwords themselves. 


Underneath the GUI is a set of 
| connections to existing direc- 


tories and corporate databases 
that contain identity and au- 
thentication information. 


‘To initiate password changes, | 


accesses Password- 


versions of products 


Burn money: $18 million from 
Citizens Capital Inc., JM! Equity 
Fund LP, QuestMark Partners LP 


Products/pricing: Password- 
Courier, $14 per user; Profile- 
Builder, $6 per user; AccountCouri- 
er, $20 per user; CertificateCourier, 
S10 per user 


Customers: The Bear Stearns 
Cos., The Boeing Co., Cummins 
Engine Co., The Guardian 
Life Insurance Company 

of America, Penn Mu- © 
tual, Raymond James € 
— Inc., Target 


Red flags for IT: 

¢ Products interoperate 

with only a few applications 

and directories. 

© Some competitors include pass- 
word-reset functions within broad- 
er account-management tools 


-*assword-reset is the 
biggest security problem 
in an enterprise today, 
and [PasswordCourier] 


solves not only a 


security problem, 


but the service problem. 


PETE LINDSTROM, ANALYST, HURWITZ GROUP INC. 


PasswordCourier 


oMPUTER 


Courier through a browser, a 
telephone or a desktop applica- 


tion screen. The software asks 


questions to confirm identity, | 


using information stored in 
corporate directories. 
PasswordCourier has appli- 


cation programming interfaces 


for integration with enterprise | 


directories such as Microsoft 


| Corp.’s Active Directory and 


PeopleSoft Inc.’s CRM Help 
Desk. It also integrates with 
any Open Database Connec- 
tivity-compliant database. A 
companion product, Profile- 


Builder, lets users update their | 


own information within these 


| corporate directories. 


Fast Learners 


The only problem Penn Mu- 
| tual 


encountered when in- 
stalling the software, says Al- 
ter, was that Courion didn’t 
have an agent that worked with 
the older, Novell Inc. 
NetWare 3.1 file servers. Even- 
tually, she says, Courion fixed 


firm’s 


| the problem, and training be- 


gan. Training was fast, requir- 


ing only about half an hour to | 


teach someone the system, Al- 
ter says. 

The major benefit that Alter 
las seen so far is a significant 


increase in the percentage of 


problems solved after the first 
contact with the help desk. 
Before Penn 
©. started using Password- 
< Courion, according to 
Alter, the rate was 65%; 
y¥ now, it’s 75%. 
Two recent product 
leases have expanded 
Courion’s product line 
into other areas of identity 
and account management, says 
Zannetos. 
AccountCourier is a provi- 
sioning package for creating, 
modifying and deleting ac- 


| counts. CertificateCourier is a | 


certifica- 
that 


self-service digital 
tion registration system 
works with public-key 


| structure. 


Zannetos Courion’s 
long-term plans include updat- 
ing its products to take advan- 
tage of new authentication 


says 


| technologies, such as biomet- 
| rics.D 


| Johnson is a Computerworld 


contributing writer in Seattle. 





Mutual | 
| and moved into account management, 


| its competitors have come from the oth- 


infra- | 
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the buzz 


STATE OF 
THE MARKET 


| The Password 


Problem 


| Hurwitz Group's Pete Lindstrom says 


that resetting passwords is one of the 
biggest concerns of any organization 


| Notonlyis it expensive - estimates of 
| the cost of handling password-related 


calls to the help desk range from 15% to 
40% of the help desk budget, according 
to analyst firm studies — but it’s also a 
large security problem because the au- 


| thentication measures used by many 
| companies are easily circumvented 


Because help desk workers are typi- 
cally low-paid and not well-trained, 
they're prime targets for social engineer- 


| ing by determined crackers, says Lind- 
| strom. And once thieves have conneda 


valid user identification and password 
out of the help desk, they can gain legiti- 
mate access to the network, making 
them even harder to stop. By automat- 
ing password-resets, he says, vendors 
like Courion remove the opportunity for 
potential intruders to manipulate help 


| desk staff to gain access to the corpo- 


rate network 

Although password reset is a signifi- 
cant problem, says Lindstrom, it's only 
part of a set of the broader issues of user 


| management. While Courion began by 


tackling the password-reset problem 


er direction. 


| Access360 


Irvine, Calif 
www.access360.com 


Access360's keystone product is a pro- 
visioning package like Courion’s newly 
released AccountCourier, which allows 
IT managers to set up, modify and delete 


| user accounts; specify the access rights 


those accounts have to an enterprise's 
resources; and reset passwords. The 
start-up has plenty of resources to chal- 
lenge Courion and has raised more than 
$60 million in funding. 


Waveset Technologies Inc. 


Austin, Texas 
www.waveset.com 


Account management is at the center of 
Waveset's Lighthouse product suite, 
which mirrors Courion’s product set with 
functions like provisioning, identity man- 
agement, authentication and password- 
reset. 
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PROFESSIONAL Women’s VIRTUAL CONFERENCE & EXPOSITION 
December 3-7, 2001 


PATHWAYS... 


= 


How new technology can add value to your business, career, profession. 


Join us for a dynamic, virtual experience - 
take advantage of this unique mixture of real-time and virtual... 


WITI's Virtual Conference will expose you to new ways to build a personal network. This is your opportunity to network 
with top leaders and visionaries utilizing technology in exciting new ways 
WITI's Virtual Conference offers you: : seals ' 
» Keynote Sessions & Interactive Discussion Groups | Network with Companies including: 
: Capital One, Computer Nuts, Dell, 
> Live Online Chats 
Genentech, Group Jazz, IBM, IDX, 
> Practical Skill-Building Webinars i 
Lally School of Management & Technology/RPI, 
MediSense, Office Depot, Prudential, Raytheon, 
RHI, Talk City, Teradyne, Texas Instruments, 
TransSynergy, Wachovia, Xilinx 


Don't miss the Virtual Expo: 
> Visit Exhibitors to learn about Products & Services.. 
or Leave Your Resume 
» Assess Your Networking Skills 
> Leave a “Virtual” Business Card for the Online Raffles 


> Participate in Real-Time Chats 


For more information or to register please visit us at 
www.witi.com/virtualpathways 
or call toll-free 800.334.WITI 


a , ae | 
OMEN IN ra, a 
TERNATIGNS 


Women Shaping Technology 
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If you're an IT professional who's tired of playing industry catch up and want to get ahead of the game, 
lock to Ajilon. As a frontrunner of information technology services, our people are always in demand 
Our clients span a wide variety of industries so you'll benefit from a challenging, varied environment 
And with a steady flow of new projects you'll have the stability that many consultants dream of. At Ajilon 
we don’t just invest in technology, we invest in people. Visit us on the web at www.ajilon.com 


You'll see we're taking information technology into the future. And we'd like to take you with us 


- 
AJILON. we 


The human side of information 


An equal opportunity employer. 


Programmer/Analyst 
bachelor's degree or fF i ee MGEVENTS.COM/STORAGE 


comput 


slat Sap 


gramming 


LUCKILY, WE st z Si pViveld STRATEGIES 


bachelo' 
EXPO 


to reloc 
on a project by is. 
! Must have working know 2 O' 
RE OO Java, C++ and/or Unix. Engag 
e in computer prograr 3 and 
software de' > 
data processing 
application to el ‘a re ae 
For the most up to ie regent rceaes 20 
user requirements, procedures F 
p and problems to automate or NOVEMBER 28-29, yANT | 
improve existing systems and ‘a } 


review system capabilities, work. e Boston Park Plaza 


flow and scheduling limitations 


ts 
d O 40 hrs / week. 8:00am 00 
ate Op portu nities pm. Salary range $50,000/year 

to $65,000/year depending 

on qualifications. Apply with 
resume to: Auriga, Inc. Attn 
Recruiter, One Overlook Drive 


and coverage, stay Unit 2, Amherst, NH 03031 


It’s Fast. 
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Post-Y2K, new economy, new threats. The 
combination has created some of information 
technology consulting’s most complex challenges. 
Testing and quality assurance become more 
important in containing costs. Companies look 
to automation and enterprise-wide solutions to 
drive down overhead. And in light of recent events, 
there’s increased urgency around security and 
disaster recovery. 

The Technology Group of Spherion offers a comprehen 
sive suite of enterprise-class technology solutions to help 
clients solve critical business challenges, realize business value 
and leverage and retain current infrastructure, explains Jim 
Seery, area vice president for Spherion in New York City. The 
company provides consulting services to the financial services, 
healthcare, telecommunications, media, manufacturing and 
pharmaceutical industries. 

With a 33-year history, Spherion’s consultants have 
worked IT through some of the most dramatic changes 
in technology.““We bring that business intelligence and 
experience as part of our project engagements,” Seery says 

For consultants, Spherion offers a strong emphasis on 
career development.“We do it smartly, by developing career 
paths that link directly to market demand,” Seery explains. 
The company offers transferability across industries, types 
of projects and among its 20 U.S.-based Business Solutions 
Division offices 

Analysts International, based in Minneapolis, provides 


IT CAREERS 


Advertising Supplement 


staff augmentation and project/solutions business support to 
its clients, predominately Fortune 500 companies. With more 
than 3,500 consultants, about 80 percent of the business is 
staff augmentation for major customers.“ Typically our con- 
sultants are assigned as individuals to a client team,” explains 
Cathy Peterson, national accounts recruiting manager. The 
company seeks mainstream technical skills in client/server, 
mainframe and network environ- 

ments.“The soft skills we look for 

include independent ability to work 

with clients and flexibility. Our 

customers want people who can 

address a variety of technical 

projects, not just one niche,” 

Peterson adds. 

“The company has been around 
for over three decades,” she says , 
“You'll be surrounded by people who have been with the 
company for 15 or 20 years. Our interest is in building that 
type of longevity with our consultants.” 

Covering the wide swathe of America from New Orleans 
west and north to Seattle, Andersen Business 
Consulting’s western region works with customers in 
industries ranging from energy to telecommunications, 
healthcare, financial markets, entertainment, retail and 
production.“We look for people with skills that can be 
applied with our clients today — business analytical skills, 
technology, change enablement,” explains Dave Sparkman, 


EID 


Andersen partner for human resources for the western 
region.““We focus on building long-lasting relationships with 
key accounts, providing them with integrated audit, tax and 
consulting services.” 

New college grads joining Andersen attend orientation 
classes at the St. Charles facility.“We simulate for them what 
projects are like, allowing them to learn fundamental skills 

plus our Architected Solutions 
methodology that helps assure 
no stone goes unturned for our 
customers,” Sparkman says. 
More experienced individuals 
hired go through a course on 
Andersen’s consulting approach. 
“Initially, our new hires are placed 
on a project team with a mentor to 
help get them grounded and get 
some traction in this business,” adds Sparkman.“This gives 
our consultants a strong foundation, while we continuously 
monitor and work with each person to make changes that 


meet career and personal needs.” 


For more job opportunities with consulting firms, turn to the pages 
of ITcareers. 

© If you'd like to take part in an upcoming ITcareers feature, contact 
Janis Crowley, 650.312.0607 or janis_crowley@itcareers.net 

© Produced by Carole R. Hedden 

© Designed by Aldebaran Graphic Solutions 


Look who’s 
hiring at 
lTcareers.com 


Every day hiring managers 
turn to ITcareers.com for 
the best IT candidates. They 
know us and they know we 
can deliver. 


If you want a better challenge, 
we Challenge you to find a better 
IT career site thanlTcareers.com. 
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Software Engineer wanted by 
Noriden Cor Piscataway, NJ 
Must have at least a Bact 
Jegree in computer scie 
slated fields with at 
years experience. Please 
sume to HR Dept 
10 Corporate Place 
Piscataway, NJ 08854 


Fax number: 732-465-0200 


Network Architect wanted 
by optical networking system 
developer in Oceanport, NJ 
Performs network design and 
analysis of new architectures 
Must have Master's 

or equivalent in Engineering 
Computer Science or relate 
field and 1 yr. exp. in job offered 
or in Software Engineering for 
Optical Networking. Respond to 
Doreen Connors, HR Depart 
ment (ref# 009), Tellium, Inc., 2 
Crescent Place, Oceanport, NJ 


07757 


Software Engineer wanted by 
a Telecommunications co. in 
Boston, MA. Must have a Master's 
degree (or equiv. education 
experience) in Comp. Sci. or 
related field & 3 yrs. exp. as 
a Software Eng. or related soft 
ware developmeni exp., together 
with 3 yrs. designing and pro 
gramming exp. utilizing network 
security, C/C++, TCP/IP. Winsock, 
BSD socket, Unicode, Multithread 
OOA, OOD and 1 yr. utilizing 
SSL/TLS, Win Platform SDK 
ATL, STL, ACE and COM 
Please respond to Net2Phone. 
Inc., 200 High Street, 3rd Fl 
Boston, MA 02110. Fax: 815 
366-5794 Attn: Matt Eichner 
reference #WH10232001 


Database Architect wanted 
Must have Bach. degree in Comp. 
Sci. or Eng. & 5 yrs. database 
admin. exper. with Oracle, incl 
exper. in the financial services 
industry with logical database 
design incl. data modeling & 
application design, & incl. exper. 
with data warehouse design 
Send resume to Daniel W. Davis 
VP, HR Relationship Mgr 
Wellington Management Com 
pany, LLP, 28 State St., Boston. 
MA 02109. No third parties or 
phone calls please 


STE UC y 


Software Engineer: Perform 
Jase adm., design, data 
lipulation & system integra 
Perform data wareh 1g 
ASP in redundant 

nent. Implement page 

& IP delivery on per 

ngine basis into data tier 

Deploy server 

XML, Active 

or Pages 3.0, Active Data 
Objects, HTML & SQL Server 
7/2000. Req.: B.S. in Comp. info. 
Sys. Mail resume to: Franchise 
Opportunities.com, 1085 Powers 


Place, Alpharetta, GA 30004 


Mgr Projects — Direct/coord activ 

ities in managing med-large 
scale projs; resp planning/coord’g 
projs; interpret/prep docs for 
estbi’'g work plan; arrange for 
recrtmt or assignmt of proj prsni 
on multi-disciplin staff'g needs of 
ea phase of proj; may manage 
sub-contractors & wrkfrce; direct 
coord activities of proj prsni 
modify scheds or plans as reqd 
devel/impimnt methods/ proce- 
dures for monitoring projs; prep 
budget’y cntrl processes; review 
status reports prepd by proj prsni 
to ensure proj progresses. Req's 
BA in Busn Admin, Info Syst Mgt 
+ 3 yrs exp. Resume: HR Dept 

Horizon Companies Cinn, Bank 
One Towers, 8044 Montgomery 
Rd, Ste 700, Cinn, OH 45236. 


Sr. Member of Technical Staff 
wanted by optical networking 
system developer in Oceanport 
NJ. Must have a Ph.D. or 
equivalent in Physics, Optical 
Engineering or Electrical Engi 
neering and 1 year of exp. in the 
design of nonlinear optical 
systems. Respond to: Doreen 
Connors, HR Department 
(ref# O60), Tellium, Inc., 2 
Crescent Place, Oceanport, NJ 


07757 


WEB APPLICATION ENGINEER 
NY. Engineer Web based solu 
tion through systems analysis & 
develop technical flow chart 
based on specifications. Test 
application workability, integrity. 
& logical flow. 2 yrs exp req. in 
Perl, Java, JavaScript, HTTPS 
environment. M.S. in Computer 
or Information System required. 
Contact Cosmos Communica- 
tions, 11-05 44th Dr., Long Island 
City, NY 11101-5107 
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Software Engineer 

E lewood Color 
company JOB DL 

Nn various unanticipatec 
throughout the U.S 
Jes and devel 
software systems 

with hardware 


ment. Analyze sc 


oftware r 


ments to determine feas 


design withir 
restrains. Consu 

define needs or 

People Code 

SQL, SQL/SQR, Cold Ft 
Crystal Reports, RDBMS. 


PLSQL and Vision. Reqs. Ma: 

in Engineering, C 

ence, Business Ai 

or related f 

year in the jot 

in a related occupat 

a Sr. Programmer 

$87 ,300/year 

AM - 5PM 

Respond by resume to ( 
Department of Labor 

ment, Employmer 

ATTN: Jim Shimac 

Central, Suite 400, 1515 Arapahoe 
St., Denver, CO 80202 and refer 
to Job Order No. CO 500723) 


Systems Development Pr 


Consultant ir 

comp & software 

corp clients; coordinate s 

dev work; analyze & evaluate 
existing systms; direc 
upgraded systs. Bact 

Comp Sci or Mngmt 

exp in job offered req. Respond 
to: BEV/HR Dept, PO Box 4241 


GCS, NY 10163 


Several computer related pi 
tions available for large software 
development, support and sales 
company. Degree, technica 
skills & experience 

position. Send resur 

Pearce, Thru-F 

2099 Gateway Place. 


San Jose, CA 95110 


Oracle Financials/Business 
Analyst for NY based 

have a Master's degre ti 
Sc., Bus. Admin. & 1 y exp in 
Comp. S/W analysis and/or 
consulting. Respond t HR 
Dept., Johnson McClean Tech. 
Inc. 130 W. 42nd St., Ste. 1400. 
New York, NY 10036. (Ref 
GG7945IM) 


DATABASE ADMINISTRATORS. 
Resp for database maintenance 
database applications dev'mt 
migration of production data- 
base servers & setup of 
database server cluster, data 
warehouse & data mart design 
dev'mt, maint & perf. Req's 
Master's deg in Comp Sci/Comp 
Eng’g or Bach deg plus 5 yrs 
prog resp exp in database 
system admin. Send resume to 
Laura Lum, Promeo Technologies, 
3177 17th St., San Francisco, 
CA 94110 


Member of Technical Staff (Tech 
nology Architect 
company in Westmins 
specializing in c omputer tech 
nology to work in Westminster & 
other unanticipated job sites in 
the US. At the highest levei, engage 
n fulltife cycle software devel. 
pment of client/server & Web- 
based soft applicat 
ncluding Websites. These appli 
cations interface w/ different 
relational database management 
syste! Analyze requirements 
Create designs & design docu: 
mentation. Code, test,& debug 
the software applications. Engage 
"ject management a 
Je tech. support 
igineers & other 
members. Use 
Java, Java Serviet, Java Server 
Pages, HTML, XML, & computer. 
aided software engineering tools 
the design & development 
process. Requires a master's 
Jegree or foreign equivalent ir 
mputer science, eng., physics 
math. & statistics, or a related 
field plus 3 yrs. of software 
development experience or a 
bachelor’s degree or foreign 
equivalent in computer science 
eng., physics, math. & statistics 
or a related field plus 5 yrs. of 
software development experience: 
working knowledge of Java 
relational database management 
systems, & computer—aided 
software engineering tools. 8am: 
5pm, M-F; $80,000/yr.. Respond 
by resume to James Shimada 
Colorado Department of Labor 
& Employment, Employment & 
Training Division, Tower II 
#400,1515 Arapahoe, Denver. 
CO 80202, & refer to Job Order 
Number CO50 


Megha Soft Technologies, Inc. is 
a premier computer technology 
solutions firm specializing in 
custom scientific and technical 
software and IT solu’ is. We 
are currently looki ior the 
following 


Software Engineers: Research 
design and develop computer 
software programs and systems 
for system integration, system 
implementation, and network 
design. Candidate must be a 
computer architect able to install 
integrate, test, administer and 

gage in user support for 
computer applications and tools 
ncluding, Windows NT/2000 
RightFax, performance impact. 
and business objects products 
Conducts after development 
quality testing and up-gradation 
of software to production stage 
Requires at least 5 years o 
experience 


f 


Send Resume to: Attn: Human 
Resources, 2323 S. Voss Road. 
Suite # 540, Houston, Texas 
77057 or send via e-mail to 
hr@meghasoft.org 


Programmer Analyst sought by 
high-end computer distributor in 
Boulder, CO to work in Boulder 
and other unanticipated job sites 
in the U.S. Engage in full-life 
cycle software development 
Specifically, design and develop 
client/server software applica- 
tions which incorporate Oracle 
relational database management 
system and run on UNIX operating 
systems. Analyze requirements 
Create a and design doc 
umentation. Code, test, and debug 
the software applications. Use 
Designer 2000, PL/SQL, Pro*C 
Oracle*Forms and Oracle* 
Reports in the design and devel- 
opment process. Requires bach- 
elor's or foreign equivalent in 
Computer Science, Math or related 
field, including Statistics; 2 yrs 
exp. designing and developing 
Oracle software applications, using 
PL/SQL and Pro*C ae 
knowledge of Designer 2000. M- 
8am-5pm; $70,000/yr. Respond 
by resume to James Shimada 
Colorado Department of Labor & 
Employment, Employment & Train- 
ing Division, Tower II, #400, 1515 
Arapahoe, Denver, CO 80202 & 
refer to Job Order Number 
C05007279 


Open your mind to a career 
with unlimited possibilities. 


At Kanbay, we're 
lobally. We're 
lho 
environment, we val 
nitiative. And that 
llenge? 
Ortunitie 


quarters in 


aster tha 


Seta Hie 
HS 


orldwide 


the beginning. Are yo 


wide. The following 


orporate 


Peel em sea ae) 
JAVA, J2EE, XML, OOA, OOD, 
MS hye eal Me od 


oP Zea) 
ae) ames ed 
Ara eel Nedra 


Bet alaliae] mM e-tol- fd 


Tal olol 


ere AU er) 


nt benefits package 


i 


yverage for health 


reimbur 


fo om 


to: Kanbay, Inc., 6400 Shafer Ct., Ste. 100, 

Rosemont, IL 60018. Fax: 847-318-0784. 
rstewart@kanbay.com. Please reference code 

CW0110101 in all correspondence. EOE 


www.kanbay.com 


CyberTech Systems, Inc. prc 
vides IT strategy consulting 
systems integration and sof 
ware development to 
nationwide. We have € 
ate, full-time opportunities for 
both entry-level anc xper 
enced professiona 

following areas 


SAP R/3 
@ Functional 

(Financials, Logistics, HR 
@ Technical 

(BASIS, ABAP, ALE/EDI 


NETWORKING 

@ Network Engineers & 
Consultants 

@ Systems Engineers 
(MCSE) 

@ LAN/WAN Specialist 
(CISCO) 


APPLICATION 

DEVELOPMENT 

@ Microsoft Certified Solution 
Developer 
(Visual Basic, Visual C++ 
Database Administrators 
(Oracle, SQL Server) 
Web Based Development 
(Java or JavaScript, CORBA 
Microsoft ASP, Activex 
COM/DCOM 


Job opportunities are als 
available for Sale Managers. 
Marketing Managers, Business 
Managers, Human Resources 
Managers, Controllers and 
Technical Recruiters. Bachelor's 
or Master's degree required 
depending on position. We also 
accept the foreign education 
equivalent of the degree or the 
degree equivalent in education 
and experience. Excellent ben 
efits. Send confidential resume 
and salary requirements to 
CyberTech Systems, Inc 1111 
West 22nd Street, 8th Floor 
Oak Brook, IL 60523 or 8 
Neshaminy Interplex Suite 209. 
Trevose, PA 19053. EOE 


sought by cor 
[0 specializing in 
velopment to work in B 
ther unanticipated 
research in emerging technologies 
ommunic 5 applica 
; ess pment 
utilizing new technologies, manage 


customer accounts rega 


J 
scope, budget, schedule & 
for software projects. Supervise 
the development & di 


f software systems 


quality 


tems will ru 
Jows envir 
based 
activities of proje 
ftware developers & architects. 
ordinate testing & optimizatior 
ode for newly developed s 
versee t 
ng of staff ir 
technology area. Requi 


ai Engineering, ( 


Analysts, A 

ers, Network Adm 
details see our 
www.emind.com. Res 
Malhotra, eMind. 


Redwood Avenue, CA 90066 
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PROGRAMMER 
ANALYST II 


Design, develop, implement & support 
projects and business systems using Visual 
Basic 5+, SQL Server 6.5+, ASP, Crystal Re 
ports 6+ and relational databases; Participate 
in system/data walkthroughs; Perform program 
design and specification definition and devel- 
opment; Act as a user liaison; Assist in the reso- 
lution of issues; Support clients; Comply with 
IS standards and procedures for Quality assur 
ance and quality control program specifications 
and structure, naming conventions, and docu- 
mentation; Comply with LabOne policies and 


procedures. 


B.S. in Computer Science or related degree; 2 


5 


years experience in the job offered or as Pro 
grammer Analyst. Must have proof of legal 
authority to work in the United States. 


We offer competitive salary and have excellent 
benefits. Send resume to Human Resources, 
LabOne, Inc., 10101 Renner Blvd., Lenexa, 
KS 66219. For further info call job/benefits 


line 913-577-1247. 


C LabOn > 





Programmer/Analyst 


d Wide Technology, Inc 
urrently has an opportunity 
available for a Programmer 
Analyst to design, develop, and 
support Web-based and client 
side multi-tier applications in 
UNIX environment with Oracle 
database, and BEA WebLogic 
application server; utilizing core 
Java, JavaScript, JavaServer 
Pages, Enterprise Java Beans 
HTML, XML, and PERL 
Qualified applicants should nave 
a Bachelor's Degree in Computer 
Science, Electrical Engineering 
MIS, or in a closely related field 
Excelient communication, ana 
lytical, and interpersonal skills 
are required. Competitive salary 
40hr/wk; Mon.-Fri.; 8-5 Send 
resume to 
Human Resources 
Department - PA 
World Wide Technology, Inc 
127 Weldon Parkway 
St. Louis, MO 63043 
Email: careers @ wwt.corr 
Fax: 314-919-1441 


EOE M/F/V/D 


Computer Programmer, 
Analyst pos in Troy. Dsgn 
dvip, test & impimt commer- 
cial & financial applics for 
SAP R3 acctg systm using 
ABAP/4 lang. BS in CIS, 2 
yrs in pos or prgmr incl 
ABAP/4 prgmg for SAP R3 
systm in commercial data 
processing. Fax resume 
(817) 861-4812 


Support Specialist sought by 
Value Added Reseller Co 
to provide technical assistance 
train'’g nstaliat’ns product 
demonstrat’ns to co. clients & 
Graphics Systems Corp (GXSC) 
employees situated in all offices 
answer customer queries, coor 
dinate w/ software vendors 
concern’g applicat'n software 
(1.E. Product Data Mngmnt 
solut'ns) offered & sold by the 
Co.; aid in the select’n, evaluat’n 
implementat'n of software pack: 
ages/hardwre equipmnts, includ’g 
communicat'n/network equipmnt 
to improve the business funct’ns 
& processes of the co.; trou 
bleshoot, maintain, back up GXSC 
co. database info.; help coordi. 
nate the web page design con 
tent & layout of the co. Bachelor's 
Degree in Computer Science or 
comp. related field or equiv. to a 
credential's evaluat'n. Min. exp. 3 
mos. in job or job-related. Travel 
req. Resumes to H.R. Dept 
Graphics Systems Corporation. 
W133 N5138 Campbell Dr 
Menomonee Falls, WI 53051. No 
calls. EOE 


SAP Business Information 
Warehouse (BW) company 
seeking experienced SAP BW 
functional/technical consultants 
familiar with generic and custom 
extractors, data modeling, info 
sources and info cubes. Also 
seeking SEM and Supply Chain 
Management/APO experience. 
Please e-mail resume to Busi 
ness Information Solutions at 
recruiting @bisamerica.com or 


fax to (858) 458-5819. 





|B Mer ae 


Corliant, Inc. provides IT strategy 
consulting, systems integration 
and software development tc 
clients nationwide. We have 
immediate, full-time opportuni 
ties for both entry-level and 
experienced professional in any 
of the following areas 


NETWORKING 

® Network Engineers & 
Consultants 

® Systems Engineers 
(MCSE) 

® LAN/WAN Specialist 
(CISCO 


APPLICATION 

DEVELOPMENT 

® Microsoft Certified Solution 
Developer 
(Visual Basic, Visual C++ 

® Database Administrators 
(Oracle, SQL Server) 

® Web Based Development 
(Java or JavaScript, CORBA 
Microsoft ASP, ActiveX 
COM/DCOM) 


Job opportunities are also avail 
able for Sale Managers 
Marketing Managers, Busines: 
Managers, Human Resources 
Managers, Controllers and 
Technical Recruiters. Bachelor's 
or Master's degree required 
depending on position. We also 
accept the foreign education 
equivalent of the degree or the 
degree equivalent in education 
and experience. Excellent ben 
efits. Send confidential resume 
and salary requirements to 
Corliant, inc, 8 Neshaminy 
interplex, Suite 209, Trevose. 
PA 19053. An equal opportunity 
employer 


Programmer Analyst. Develop 
and write computer programs 
to store, locate, and retrieve 
specific documents, data, and 
information. Bachelor degree in 
C.S., Eng’g, or similar field req'd 
as is 3 yrs exp. in a programmer 
analyst position. Prior exp. must 
include exp. w/ Coldfusion. Must 
have exp. w/ DreamWeaver 
and development of WWW 
applications. Full-time, day shift 
competitive salary. Resumes to 
Wendell Tankersley, Job No 
1886.23, Computer Task Group. 
Inc., 5875 Castle Creek Parkway. 
Suite 208, Indianapolis, IN 
46250-5111 


SOFTWARE ENGINEER wanted 
by computer consulting firm in 
Sugar Land, TX. Must have M.S. 
in Computer Science plus expe 
rience. Respond by resume to 
Ms. Barbara K. Nelson, A/A 
Digital Consulting Software Ser 
vices, Inc., One Sugar Creek 


Center Bivd., Suite 500, Sugar 


Programmer/Analyst-Determine 
feasibility/costv/time req'd for 
new/modified prog. for financial 
mgt & compatibility w/current 
sys; analyze/alter prog to 
increase operating efficiency 
locate/solve errors. Bach/equiv 
Comp Sci or Engg. 6 mos exp in 
pos or Comp Engr. Fax resume 


313-584-6133 


Database Design Analyst w 
Bachelors and 2 years exp 
wanted in Houston, TX. Apply t 
HR Dept., American Marvel, Inc 


5801 Memorial Dr., Houston, TX 


Computer Application Specialists 
wanted in Dallas area to work 
under direct supervision tc 
develop and design software 


systems for testing procedures 


and documentation. Provide 
installation, technical support & 
database security of LAN 
Requires B.S in Comp. Sci. plus 
1 yr exp. in job offered. Fax 
resume to Allison Gibson at 
LNS Environmental Services at 


(972) 669-3575 


Programmer Analyst. Convert 
customer requirements into 
program specifications; analyze 
the impact of proposed solutions 
on business applications; ensure 
satisfactory functioning through 
testing, analyze results and 
correct deficiencies according to 
customer requirements; and 
review the work done by devel 
opment team members. Must 
have Bachelors degree in 
Computer Science, Engineering 
or related, and knowledge of C 
C++, UNIX, and Oracle. Send 
resume with cover letter to APAC 
Customer Services, Inc., Attn 
Cindy Corkery, 6 Parkway North 
Center, Deerfield, IL 60015 


APAC Customer Services, Inc. is 
not affiliated with APAC, Inc., the 
road paving and construction 


materials company. EEO/AA 


Programmer Analyst to design 
develop, test and implement 
application systems using DB2 
COBOL, DOS and SAP; confer 
with clients to determine neces 
sary modifications and determine 
feasibility of requested modifica- 
tions; prepare and present 
prototype of modified system to 
client; install application system 
based upon prototype; and train 
users on modified system 
and create training manuals 
Northeastern Illinois location 
with travel to various client sites 
as required. Requires B.S. in 
Computer Science/Engineering 
plus 2 years experience as 
programmer analyst, systems 
analyst or computer consultant 
Salary $72,000/yr., 40 hrs/wk 
9a.m.-5 p.m., O.T. n/a. Applicants 
must show proof of legal authority 
to work in the U.S. SEND 2 
COPIES OF BOTH RESUME & 
COVER LETTER TO ILLINOIS 
DEPARTMENT OF EMPLOY 
MENT SECURITY, 401 S. State 
St. - 7 North, Chicago, Illinois 
60605, Attn: Brenda Kelly. 
Reference # V-IL 28211-K. AN 
EMPLOYER PAID AD. NO 
CALLS. 


Call your 
ITcareers Sales 
Representative 


or Janis Crowley 


1-800-762-2977 


Compsoft Technology Solutions 
Group, Inc. seeks experienced 
Programmer Analysts, DBAs 
and Software Engineers to 
develop and design software 
systems using some of the 
following: C, C++, VB, Oracle 
Developer 2000, Java, PL/SQL 
MS Access, MS SQL, internet 
wireless technologies, Windows: 
UNIX admin for Data warehousing 
etc. Require BS/MS or foreign 
equiv. Highly competitive 
salaries, some travel and 
relocation to client sites involved 
Send Resumes to: 11 N Roselle 
Road, Schaumburg, !L 60194 


INFORMATION SYSTEMS 
CONSULTANT sought by con 
sulting firm in Houston, TX. Must 
have M.S. in M.1.S., plus exp. Two 
openings. Respond by resume 
to: Mr. J.K. Clanahan, R/D. 
Information Advantage Associ 
ates, 3000 Wilcrest, Suite 164 
Houston, TX 77042 


SOFTWARE ENGINEERS: Re: 
sponsible for software integration 
and external interface develop- 
ment.Use combination of Oracle 
PL-SQL, CASE tools and Peo 
pleSoft under Oracle 8.x envi 

ronment to develop, create 
modify and maintain application 
software and/or utility modules 
for DoD HRMS. application 
64K-72K(F-T; 40hr/wk); New 
Orleans, LA; B.S.Computer 
Science (or equivalency); 4 yrs 
experience or related experience 
in ERP package customization 


Contact: Kenneth Burkhalter 
personne! @ otisinc1.net 
Tel.: (985)781-3892 


Sas 
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SOFTWARE ENGINEER 


Software engineer to design 
deveiop and test computer prc 

grams for business applications 
analyze software requirements 
to determine feasibility of design 
direct software system testing 
procedures using expertise in 
CICS, DB2, JCL and MQ Series 
Requirements: Bachelor's Degree 
or equivalent in Computer Sci 

ence or related field and two 
years experience as a software 
engineer or computer program: 
mer, knowledge of CICS, DB2 
JCL and MQ Series. Salary 
$66,000/year. Working Condi 
tions: 8:00 A.M. to 5:00 P-M., 40 
hours/week, involves extensive 
travel and frequent relocation 
Apply: JS Supervisor, Greene 
County Team PA Careerlink, 4 
West High Street, Waynesburg, 
PA 15370-1324, Job No. WEB 
206868 


COMPUTER 

Aces International, Inc. is hiring 
Programmer Analysts, Software 
Enggs, Financial Analysts and 
Market Research Analysts. For 
some positions candidates 
maybe placed on client sites 
nation-wide. Send resumes to 
Aces International, Inc 980 
Central Expressway, Santa 
Clara, CA-95050, email 


hr@acesintl.com. 


SOFTWARE ENGINEER 


Software engineer to design 
develop and test computer pro- 
grams for business applications: 
analyze software requirements 
to determine feasibility of design, 
direct software system testing 
procedures using expertise in 
Oracle 8i, awk, WebLogic and C 
Requirements: Bachelor's Degree 
or equivalent in Computer Sci 
ence or related field and two 
years experience as a software 
engineer or computer program 
mer, knowledge of Oracle 8i 
awk, WebLogic and C. Salary 
$66,000/year. Working Conditions: 
8:00 A.M. to 5:00 PM., 40 
hours/week, involves extensive 
travel and frequent relocation 
Apply: Manager, Washington 
County Team PA Careerlink 
Millcraft Center, Suite 150LL, 90 
West Chestnut Street, Washington, 
PA 15301-4517, Job No. WEB 
206880 


SOFTWARE ENGINEER 


Software engineer to desigr 

develop and test computer pro- 
grams for Dusine applications 
analyze software requirements 
to determine feasibility of design: 
Jirect software system testing 
procedures using expertise in 
Java, JavaScript, C++ and Oracle 
Requirements: Bachelor's Degree 
or equivalent in Computer Sci 
ence or related field and two 
years experience as a software 
engineer or computer programmer. 
knowledge of Java, JavaScript 
C++ and Oracle. Salary: $72,000) 
year. Working Conditions: 8:00 
A.M. to 5:00 PM., 40 hours 
week, involves extensive travel 
and frequent relocation. Apply 
Fayette County Team PA 
CareerLink, Attn: JS Supervisor. 
32 lowa Street, Uniontown, PA 
15401-3513, Job No. WEB 
206849, 


Systems Analyst; 8a-5p 40 hrs. 
wk; Analyze, design, develop. 
program, implement, test & 
maintain software applications 
based on user reqmts. using C. 
Oracle 7, Dev.2000 & Novell 
Netware 3.1; Masters or equiv 
degree in Computer Sc. or Engg 
or Tech; Computer Info Sys 
Electronics or Electrical or other 
related branch of Engineering. In 
lieu of Masters applicant can have 
Bachelors in specified majors 
and 4 yrs of progve. exp. as 
computer software professional 
Resume to: Axiom Systems, Inc 
2550 Northwinds Pkwy., Suite 
440, Alpharetta, GA 30004 


Software Developers: RadixOne 
has openings at multiple locations 
for Software Developers with 
strong skills in: 

DBA-Oracle/Sybase/DB2 

VB/C/C++;COM/DCOM 

Windows NT/UNIX System 

Administrators 

Mainframe/Cobol/CICS 

AS400/rpg 

PeopleSoft, Peopietools, SQL 

Oracle, Siebel 

SAP, EDI! 

COM,DCOM 

Client Server Testing 

Java Developers 
Will be assigned to client sites 
nationwide. Send resume to 
RadixOne, Attn: Technical 
Recruiter, 16885 W. Bernardo 
Drive, Ste 255, San Diego, 
CA 92127 or email 
resumes @ radixone.com 


IT CAREERS 


Software AG, Inc. is recruiting for 
all types of Systems Analys' 
Consultants, Staff Cc sltants. 
Project Managers/Leaders 
System/Software 7 
Quality Assurance 

Programmer/Anal 
and other computer 


professionals 


We have offices throughout the 
U.S. including: Reston, VA; Atle 
Chicago; Dallas; Sacrame 
San Ramon and Ir 

Denver 


Resume to: Software AG, Inc 
ATTN: HR, Computerworld Ad 
11190 Sunrise Valley Dr., Reston 
VA 20191. Fax: 703-391 

For additional information, find u: 
under Computer, or visit our Web 


site: www.softwareagusa.corr 


Datalog Technology Resources 
has openings for Software 
Engineers for job locations in 
New Jersey and elsewhere, with 
at least two years of p rar 

ming experience. Job Duties 
Research, analyze, design 
develop, test, and implement 
software applications | g Skills 
such as Visual Basic, Oracle. 
Visual C++, and MFC on Windows 
NT/95 environment. Po ons 
require a Masters degree in 
computer related fields. Excellent 
Pay and Benefits. Mail resume to 
HR Dept., Datalog Technology 
Resources, Inc 5 Lincoin 
Highway, Suite 101, Edison, NJ 
08820 


Sr. Systems Analyst/Program- 
mers-Sensormatic Electronics 
Corporation, Boca Raton, Florida. 
has multiple openings for Sr. 
Systems Analyst/Programmers 
to work with an d support BaaN 
ERP software and sub-systems. 
Candidates must present a 
Bachelors degree in Computer 
Science, Information Science 
Information Systems or Computer 
Engineering (software emphasis) 
or related field and 2-3 years 
experience using BaaN IV. 
Please apply directly through 
www.sensormatic.com (employ: 
ment) by location and reference 
Job Code AZA1 or send resume 
and salary requirements 
Staffing Department, B 
Sensormatic PO Box 

Boca Raton, Florida 33 
0837. We are proud to be an 
EEO/AA employer. M/F/V/D. 


the place where your fellow readers 


are getting a jump 


Stop in a visit. 
See for yourself. 


on even more of 


the world's best jobs. 


(rT) careers.com 


COMPUTER 








Cwo1110SCW 7 


Programmer Analyst - Oracle 
Specialist - Multiple Openings 


Structured systems analysis. 
design, development, testing 
quality assurance, implementation, 
integration, maintenance and 
support of large volume on-line 
complex integrated client-server 
based business, financial, banking. 
manufacturing and other com- 
mercial application systems in a 
multi-hardware/multi-software 
environment using centralized or 
distributed database systems 
using Oracle Relational Data 
base Management Systems 
(RDBMS) and related software. 
Design of large application 
systems and databases in a 
Co-operative Development Envi- 
ronment (CDE); and analysis. 
design and development of 
applications using CASE (Com- 
puter Aided Software Engineer- 
ing) tools. Bachelor's Degree (or 
equivalent) in Computer Science- 
Math/Engineering/Science 
Business-Commerce and 1 yr. 
experience in job offered or 
as Software Engineer/Systems 
Analyst are required. Must have 
appropriate combination of skills 
as follows: 1 of A and 3 of B, or 2 
of A and 2 of B. A) includes Oracle 
RDBMS, Oracle CASE tools 
(Designer, Dictionary, Generator). 
CDE 2, Oracle Financials; B) 
includes PRO*C, SQL*Forms. 
SQL*Reportwriter, SOL*Plus. 
SQL*Menu, PL/SQL. High mo 
bility preferred. 40 hrs/week, 8 
am - 5 pm. $66,671 - $78,000 
per year. Qualified applicants 
should contact or send resume 
to Director, Pittsburgh/Allegheny 
County CareerLink, ATTN: JS 
Supervisor, 425 Sixth Avenue 
Suite 2200, Pittsburgh, PA 15219. 
Refer to Job Order #WEB 
206151 


Software Engineer to design 
develop, implement, test, maintain 
and support mainframe software 
for business applications using 
COBOL, JCL, SQL, CSP, DB2 
and CICS on MVS and Windows 
platforms. Require: BS Degree 
in Computer Science, an Engi- 
neering discipline, or a closely 
related field with five years 
of progressively responsible 
experience in the job offered 
or in the related occupation 
of Programmer/Analyst or 
Programmer. Extensive travel on 
assignments to various client 
sites within the US is required. 
Salary $67,000 per year. Apply 
by resume to Ravi Kandimaila 
President, EVEREST COMPUT- 
ERS INC, 900 Old Rosewell 
Lakes parkway, Suite 300 
Rosewell, GA 30076; Attn 
JobGov 


A business of Pricewaterh 


PwC Consulting is one of Computerworld’s Top 10 Best Places to Work in IT. We continually seek 
IT/Systems Integration Principal Consultants and Consultants in the following areas 


¢ Application Development 


¢ E-Business 
¢ Data Warehousing 
* PeopleSoft 
¢ Siebel 
¢ SAP 
¢ Oracle 


* Systems Administration/Integration 


¢ Process Improvemen 
* Strategic Change 


° Supply Chain Management 


stems Auditing 
* Network Integration 


Please e-mail your resume to: mcsrecruiting@ us.pwcglobal.com by either pasting your resume | 
within the body of the email or attaching as a single text or htmi file www.pwcconsulting.com. We 
are proud to be an Affirmative Action and Equal Opportunity Employer. 


PwC Consultin 


PwC Consulting™refers to the management consulting. 
services businesses of the member firms of the worldwide 
PricewaterhouseCoopers organisation 
ecient eee 


OuseCoopers 








Chief Information Officer. Provide 
overall management, technical 
and financial direction for strategic 
enterprise IT projects; identify 
changes and trends in computer 
and system technology and 
interpret their meaning to senior 
management; develop solutions 
for complex business problems 
manage growth and development 
of the technology teams; provide 
information security and access 
management to ensure the 
integrity of corporate data, pro 
prietary information and related 
intellectual property: drive the 
development of enterprise tect 
nology standards to ensure com 
Patibility and integration through 
out the company: and analyze 
enterprise program requirements 
and anticipate resources to meet 
objectives 


Minimum requirements: Bachelor's 
degree in Business, Computer 
Science, Engine 

discipline plus 7 yea 

ence in strategic pianning 
velopment, implementation, and 
maintenance of large-scale inte 
grated on-line relational database 
systems across multiple hardware 
and software platforms. In addition 
qualified candidate must have a 
minimum of 5 years manage 
ment and at least 7 years project 
management experience 


Competitive salary. Hours: 8 am 

5 pm, M-F. Must have indefinite 

right to work in U.S. Send resume 

demonstrating minimum require 

ments to 

Tipton Bradford, c/o ChoicePoint 

AVP-Human Resources 
1000 Alderman Drive 70-A 
Alpharetta, GA 30005 


SOFTWARE ENGINEER 


Software engineer to design 
develop and test computer pro: 
grams for business applications. 
analyze software requirements 
to determine feasibility of design 
direct software system testing 
procedures using expertise in C 
Visual Basic, PowerBuilder, Oracie 
and SQA Suite. Requirements 
Bachelor's Degree, educational or 
functional equivalent, in Computer 
Science or related field and two 
years experience as a software 
engineer or computer program- 
mer, knowledge of C, Visual Basic 
PowerBuilder, Oracie and SQA 
Suite. Salary: $66,000/year 
Working Conditions: 8:00 A.M. to 
5:00 P-M., 40 hours/week, involves 
extensive travel and frequent 
relocation. Apply: Manager, Beaver 
County Team PA CareerLink 
2103 Ninth Ave., Beaver Falls. 
PA 15010-3957, Job No 
WEB206860 


careers 


where the best get bet 


1-800-762-297 


Programmer Analyst - PC 
Networking/Sys. Admin. & Appi 
Integration: Utilizing knowl. of 
networking topologies, networking 
technologies & PC architecture 
install, configure & manage 
physically distributed computer 
networks & network operating 
systems. Provide user support 
network troubleshooting, network 
expansion, printer services & 
back- up mgmt. Coordinate local 
& remote hardware & software 
configuration; implement & 
execute opera rocedures 
& monitor system 

utilization; perform capacity plan 
ning. Interface main application 
environ. w/underlying networking 
software. Carry out performance 
tuning of network for user appli 
cations. Req: B.S 
sci.-math/engr'g/sc 

commerce or equiv 

n job offered or as programmer 
analyst/systems analyst. Must 
have appropriate combination of 
skills as follows: 20f A &2o0fB 
&1 of D;or20fA&20fB &lof 
C &! of D. A includes Operating 
Systems: Novell NetWare, Win 
dows NT, OS Windows 95 
LAN Server, Banyan Vines 
LANmanager, LANtastic.; B 
ncludes networking: IPX/SPX 
TCP, FTP, Windows f 
Workgroups, NetBIOS, X.25; C 
includes network mgmt: SNMP, 
LANanalyser, NetView, NetMar 
a D includes LAN technok 
gie Ethernet, Token Ring 
FDDI. High mobi preferred 
Multiple positions) 40 hrs/wk 
$66,671 - $78,000/yr. Report 
submit resume to Mgr., Beaver 
County Team PA CareerLink 
2103 Ninth Ave., Beaver Falls. 
PA 15010. Wewb. 206125 


Programmer Analyst SAP 
Specialist: Structured systems 
analysis, process engr’g, design. 
configuration, prototyping, de- 
velpm't, testing, QA, implemen 
tation, integration, maintenance 
& knowledge transfer of SAP 
R/2 & SAP R/3 systems for 
business, finc'l, banking, mfrg & 
other commercial application 
systems in a multi-hardware 
environ. using centralized or 
distributed Relational Database 
Mgmt Systems (RDBMS), Fourth 
Generation Languages (4GLs) & 
other GUI (Graphical User Inter 
face) front- end tools. Req: B.S. 
in comp. sci., sci. or enginr'g (or 
equiv.) & 1 yi exp in job offered 
OF as programmer analys’systems 
analyst. Must have appropriate 
combination of skills as follows: 
lof A& 20f B; or 20f A &l of B 
or 2 of A; or 2 of B. A includes Fi 
CO, AM, SD, MM, PP, QM, PM 
HR, PS, WF, IS, BS; B includes 
ABAP?/4, Screen Painter, Menu 
Painter, SAP Script, Correction 
Transport, Data Dictionary, Func 

tion Modules, User-Exit Routines. 
SAP Installation. High mobility 
preferred. (Muitiple positions) 40 
hrs/wk; $66,671 - $78,000/yr 

Reply to: McKeesport/Aliegheny 
Cty CareerLink, ATTN: JS 
Supervisor, 345 Fifth Avenue 
McKeesport, PA 15132. Web 
#206118 
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SOFTWARE ENGINEER t 
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Insurer 


operating, I have to go to the 
command center.” 

The anthrax scare in the data 
center, originated by an em- 
ployee who saw a suspicious 
piece of mail, ended up being a 
false alarm, said 
spokeswoman Julie Gold An- 


derson. But the episode illus- | 
trates the difficulty of conduct- | 
| building at 42nd Street and 


ing business as usual in times 
that are far from normal. 

But as Klepper emphasized, 
Empire, the largest health in- 
surer in New York state, and its 
IT operations have to conduct 
business 24/7 to serve the com- 
pany’s 4.4 million beneficiaries 
and their employers. This in- 
cludes developing code for a 
new Web-based interface for 
employers, maintaining legacy 
code and leasing temporary fa- 


cilities while at the same time | 


searching for a new headquar- 
ters in New York. 

In the aftermath of the ter- 
rorist attacks, Empire also re- 
configured one of its automat- 
ed call centers to track the 
whereabouts of the 1,900 em- 
ployees who worked in the 
World Trade Center, with each 
confirmation entered into a 
constantly updated database. 


Empire lost nine employees | 


and two consultants in the at- 
tacks on the U.S. 


Klepper was hindered in | 


overseeing his people in the 
four days after the attacks be- 
cause on Sept. ll, he had just 
arrived in Bangalore, India, to 
study the possibility of shifting 
some of his code maintenance 
to a facility operated by the In- 
dian unit of IBM. 
Bruce Morlino, IBM’s 


ac- 


count representative for Em- | 


pire, was in Bangalore with 
Klepper and quickly mar- 
shaled IBM resources to help 
support Klepper from a Banga- 
lore hotel conference room. 
Morlino said this included two 
around-the-clock open confer- 
ence call voice circuits to New 


Empire | 





York as well as direct e-mail 


connections through IBM’s 


| global network. 


Klepper took a commercial 
flight to Frankfurt and an IBM- 
arranged jet charter to Montre- 
al and then traveled the rest of 
the way home in a van. The 
next week, he set about re- 


building Empire’s physical and | 


IT infrastructure. 


In the past six weeks, Klep- | 
per has leased space in seven 


temporary facilities and signed 
a lease on a new headquarters 


Fifth Avenue, in midtown Man- 
hattan. Empire has also re- 


Continued from page 1 


Microsoft 


include Oracle Corp. and Sun 
Microsystems Inc. Black said 


fundamental ability to absorb 


new products and services into 


its operating systems. 
Among corporate end users, 


there has never been a consen- 


sus of opinion about this case. 
But some welcomed its appar- 
ent end. 


“I think the federal govern- | 


ment has backed away from it 
for two reasons. I think there 


could be a negative impact to | 


the corporate users and con- 
sumers. And I think with world 
events going on, they don’t 


want to deal with it anymore,” | 
said Frank Orlow, manager of | 


technical services at Clark Re- 
tail Enterprises Inc. in Oak 
Brook, Ill. “I think it’s a good 
move,” he added. 

Analysts, end users and oth- 


| ers were just beginning Friday 
| to analyze the complex settle- | 


ment agreement, but the initial 


view is that it will have little | 


impact on Microsoft’s enter- 
prise customers. 

Installing non-Microsoft soft- 
ware on new PCs, for instance, 


“was never an impediment for 


corporate users,” said Al Gil- 
len, an industry analyst at IDC 


| Gartner 


placed all the equipment lost at 
the World Trade Center, in- 
cluding 265 servers, more than 
2,200 desktops and monitors 
and 413 laptops. IBM supplied 


all this equipment except for | 


the servers, which were 
quired from Compaq Comput- 
er Corp. 

Some of the temporary loca- 
tions required significant up- 
grades to their network infra- 
structures, Klepper said. In 
one transient workplace, the 
W Hotel in midtown, a newly 
installed Gigabit Ethernet net- 
work supported the code de- 
velopment for a Web-based in- 


ac- 


in Framingham, Mass. “They’re 


| going to strip a system and put 


what they want on it anyway.” 
David Smith, an analyst at 

Inc. in Stamford, 

the settlement 


Conn., said 


| could have a positive impact in 
he doesn’t believe the agree- | 
ment will change Microsoft’s | 


limited areas. 

For instance, users of Palm 
Inc.'s PalmPilot or Compaq 
Computer Corp.’s iPaq hand- 
helds might find it easier to 
syne those their 
computers if Microsoft is or- 


devices to 


terface to the company’s sys- 
tems, which Klepper called 
critical to Empire’s efforts to 
serve its customers. Despite 
the lost time and the lost code 
in the collapse of the World 
Trade Center towers, Klepper 
said, “we’re going to get this 
done by the end of the year.” 
Shevin Conway, Empire’s 
chief technology officer, said 
that while the company lost 
about “10 days’ worth” of 
source code, the entire object- 
oriented executable code sur- 
vived because it had been elec- 
tronically transferred to the 
Staten Island data center. D 


dered to open its application 
programming interfaces (API) 
to other vendors, Smith said. 

“But it’s not like we’re ever 
going to see five different sup- 
pliers of desktop operating 
systems 
suites at competitive prices, 
with all the playing field level,” 
Smith added. 

The settlement ensures that 
non-Microsoft server software 
will be able to interoperate 
with Windows on PCs the 


or office [software] 


Terms of the Microsoft Settlement 


KEY POINTS 


Applies a broad definition of the term middleware that includes browsers, 
e-mail clients, media players and instant messaging software. 


Requires Microsoft to provide developers with the APIs used by Micro- 
soft's middleware to interoperate with Windows. 


Forces disclosure of server protocols to ensure non-Microsoft server soft- 
ware can interoperate with Windows on a PC the same as Microsoft servers. 


Gives computer makers and consumers the freedom to substitute compet- 
ing middleware products on Microsoft's operating system. 


Provides for a panel of three independent, on-site, full-time computer 
experts to assist in enforcing the final judgment and resolving disputes. The 
experts will have full access to all of Microsoft's books, records, systems, 


source code and personnel. 


Bans Microsoft from entering into agreements that require the exclusive 
support or development of certain Microsoft software. 


Requires Microsoft to license any necessary intellectual property to 
computer makers and software developers. 


Calls for Microsoft to license its operating system to key computer makers 


on uniform terms for five years. 


Prohibits Microsoft from retaliating against computer makers or software 
developers for supporting or developing certain competing software. 


| mlnstalls Giga err 
W Hotel, v 
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same way Microsoft servers do. 

If the states don’t agree with 
the Justice Department’s set- 
tlement, a remedy phase in the 
states’ case against Microsoft 
will begin. Even so, the U.S. 
District Court 
cept the federal settlement and 


could still ac- 


begin a Tunney Act proceed- 
ing, which requires the court 
to collect public 
about an antitrust settlement 
for 60 days. The judge must 
then decide, after reviewing 


comment 


those comments and the gov- 
ernment’s response to them, 
whether the agreement is in 
the public’s interest. 

Microsoft Chairman and 
Chief Software Architect Bill 
Gates said that while the settle- 
ment will set rules on how the 
company develops and licens- 
es its software, it will allow it 
to “continue delivering impor- 
tant new innovations” as well. 

“This settlement eliminates 
the uncertainty of the lawsuit 
and enables Microsoft to focus 
on the future,” he said. “We are 
resolved to implementing this 
settlement promptly and fully.” 

Microsoft’s lead counsel said 
the settlement “is good for the 
parties and consumers.” U.S. At- 
torney General John Ashcroft 
called it the “right result for 
consumers and businesses.” D 


Cara Garretson and Matt Berg- 
er of the IDG News Service con- 
tributed to this report. 
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Flood of ‘Troubles 


ORTY MILLION DOLLARS. That’s what a $6.5 million IT 
project has cost so far at the city-owned waterworks in 
Portland, Ore. Sound impossible? Unfortunately, it’s not — 
because it’s a billing system project. Which means the 
original $6.5 million budget and an additional $3 million 


that has been spent so far to get the system working is just a fraction | 


of the real cost. 


The other $30 million-plus is from lost cash flow, and nobody 
knows how much of that will ever be recovered. Some water cus- 


tomers still haven’t been billed, 20 months after the system went live. | 


And it’s going to get worse before it gets bet- 
ter. An independent consultant brought in to 
plot a rescue strategy for the project figures it 
will take another 18 months and 62,000 hours of 
staff time just to get the system working at min- 
imal levels, according to published reports. 

Appropriately for this IT horror story, the 
first automated past-due notices finally started 
coming out of the system the week before Hal- 
loween. But it will take until Thanksgiving just 
to get them all mailed, and New Year’s will be 
long gone before the system will automatically 
issue shut-off notices for nonpaying customers. 

What went wrong? Everything. Water bureau 
managers ignored other city departments that 
pointed out that the vendor, Severn Trent Sys- 
tems in Houston, had no satisfied customers of 
comparable size. They had to spend an extra 
$350,000 to make existing systems Y2k-ready 
when the schedule slipped four times. 

Then, in order to finally go live in February 
2000, they downplayed warnings from their own 
technical people that the system was unstable 
and decided not to keep the old system running 
for a few months as a backup. 

All of which would have con- 
tributed to a $10 million nightmare 
project if this were, say, a customer 
service or human resources system. 

But because it’s a billing system, 
it’s a nightmare with a much higher 
price tag. An estimated $10 million 
of the lost cash flow will never be 
recovered. Another $3.5 million had 
to be turned over to commercial 
collection agencies. 

The water bureau's budget has 
been slashed. And if the city’s audi- 
tor, KPMG, slaps the department 
with a negative audit opinion, inter- 


FRANK HAYES, Computer- 
world's senior news colum- 
nist, has covered IT for more 
than 20 years. Contact him at 
frank_hayes@computerworid.com. 


est rates on water and sewer bonds would be 
jacked up, making it more expensive to raise 
money for future water projects. 

That’s what happens when a billing-system 
project goes south. You end up with conse- 
quences far out of proportion to the actual mis- 
takes and bad decisions made. 

Why? Because this is where the money comes 


from. Cash flow is the lifeblood, the air supply 


of every business, every enterprise, every gov- 
ernment department that charges for its ser- 
vices. And billing systems are how your organi- 
zation maintains that cash flow. 

This is what you don’t take chances with. 
Ever. Period. 

Keeping that in mind isn’t easy, because 
billing systems are also high-profile projects. 
And when things go wrong — slipped sched- 
ules, busted budgets, persistent bugs — all 
project managers want to find a way to get 
back on track. That usually means taking a 
too-optimistic view that problems aren’t seri- 
ous and that corners can be cut. 

That is, setting themselves up for catastrophe. 

There are projects you can cheat on. You 
shouldn’t, but you might get away 
with letting a vendor use you as a 
guinea pig, going live with a buggy 
system or cutting over to a new sys- 
tem without keeping the old one 
running as a backup. You'll always 
tell yourself there are lots of good 
reasons to cut those corners. 

But if you get the urge to do that 
with a billing system, just remember 
the IT people in Portland’s water 
bureau who can enumerate even 
more very good reasons not to cut 
any corners at all. 

About 40 million of them. D 
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PILOT FISH PLUGS IN the 
new UPS at a remote site, and 
immediately the Building Wiring 
Fault warning light goes red. We 
need an electrician to fix the 
building's wiring problem, fish 
tells boss. “Why go through that 
expense?” asks boss. “Just or- 
der dumber UPSs that don’t 
check the wiring.” 


HALFWAY THROUGH migrat- 
ing several mainframe applica- 
tions to Unix, database analyst 
pilot fish and his team get the 
word from company honchos 
We're not renewing the main- 
frame maintenance contract, so 
you have five weeks to finish the 
ports. But that’s not enough time 
to finish analysis, design and 
coding, fish protests. “Just code 
the new systems,” boss tells 
him. “After you meet the dead- 
line, you'll have plenty of time to 
go back and complete analysis 
and design.” 


LEASING COMPANY customer 
asks IT pilot fish to e-mail him a 
small software package. Fish 
sends it and hears back immedi- 
ately. “Our e-mail won't accept 
exe files,” says customer 

“Could you send a .jpg instead?” 


‘ 


a 
a __ 
DATABASE ANALYST pilot fish 
at a big insurance company fixes 
a corrupted production database 
by shutting it down - and the re- 
sulting outage sets off waves of 
complaints to IT management 
So bigwigs declare a new policy 
“Next time, all users are to be 
kicked out of the system,” fish 
says, “and kept out until the 
database problem is resolved - 
thereby avoiding an ‘outage.’ ” 


NETWORK ADMINISTRATOR 
pilot fish gets complaints about 
how slowly the IT shop's new 
calendar program is running. A 
quick check shows why: There's 
almost no disk space left, be- 
cause an admin assistant has 
entered weekly meetings for the 
next 10 years. “These meetings 
have always been and will al- 
ways be,” admin insists. Fish re- 
ports: “They did away with those 
particular meetings the very next 
week when we moved into our 
new building.” 


Pencil me in: sharky@ 
computerworld.com. You 
score a sharp Shark shirt if your 
true tale of IT life sees print - or 
if it shows up in the daily feed at 
computerworld.com/sharky. 


The 5th Wave 


ProtoDraws awesome! & 
Now I can drag and ¥ 


dyop a spleen into 


memos if I want. 


©Rich Tennant, www.theSthwave.com 
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THE CODERNAUTS WERE ON A SEARCH FOR A DATABASE THAT RUNS ON LINUX, UNIX AND WINDOWS 2000. THEY DISCOVERED: 


DB2 ouTPperRFoRMS ORACLE 


F CUSTOMERS KNOW IT, PARTNERS KNOW IT, BENCHMARKS PROVE IT i 


IT’S A DIFFERENT KIND or WORLD. 


© business software — ibm.com/db2/outperform YOU NEED A DIFFERENT KIND or SOFTWARE. 





Introducing Dell PowerConnect Network Switches. 


We're performance, reliability and value, like you'd expect from Dell PowerEdge Servers, now in a network switch. 


Dell | Small Business 
PowerConnect™ 2016/2024 Switch PowerEdge™ 500SC Server 


; ’ our switches versus those other switches? When you combine 


Oh, did we mention that you can save up to 50% or more on 


i 
tion Need MB 133MH RAM reliable Dell PowerEdge™ servers — powered by Intel” Pentium® III 


processors — with Dell PowerConnect™ Network Switches, you can 


From 


$169 aii ioc 
$629 > ee ; award-winning service and support. Which means you 
Recommended upgrade © 10144-291106 


° NBD Pai $79 9 yet one single point of contact. So, whether you're 
Recommended upgrades 


expand your network without breaking the bank. And we're all backed by Dell's 


PowerConnect™ 3024 Switch , a = ; oe expanding your network with Dell PowerEdge servers or 


with Dell's new line of PowerConnect Network Switches 


PowerEdge” 2550 Server you get quality technology at an affordable price pentiume/// 


699" 


Recommended upgrade Y N 


2 $ Busine $50/mo,, 4 
™ ° . E-VALUE Cod: 
PowerConnect™ 5012° Switch 1899 2 irmernne 
A } M ged Swit Recommended upgrades 


= 
Visit www.dell.com/switch or call toll free 1-877-931-3355. 


Dell PCs use genuine Microsoft® Windows" 
www. microsoft.com/piracy/howtotell 


USE THE POWER OF 
THE E-VALUE CODE. 





